{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2020-10962", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-10-21T14:34:37.817Z", "dateReserved": "2020-03-25T00:00:00", "datePublished": "2023-08-01T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-08-01T00:00:00"}, "descriptions": [{"lang": "en", "value": "In PowerShell App Deployment Toolkit (aka PSAppDeployToolkit) through 3.8.0, an incorrect access control vulnerability in the default configuration may allow an authenticated user to potentially enable escalation of privilege via local access."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/PSAppDeployToolkit/PSAppDeployToolkit/releases"}, {"url": "https://discourse.psappdeploytoolkit.com/t/psappdeploytoolkit-3-8-2/2555"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T11:21:13.685Z"}, "title": "CVE Program Container", "references": [{"url": "https://github.com/PSAppDeployToolkit/PSAppDeployToolkit/releases", "tags": ["x_transferred"]}, {"url": "https://discourse.psappdeploytoolkit.com/t/psappdeploytoolkit-3-8-2/2555", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-21T14:34:20.424272Z", "id": "CVE-2020-10962", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-21T14:34:37.817Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/PSAppDeployToolkit/PSAppDeployToolkit/releases", "tags": ["x_transferred"]}, {"url": "https://discourse.psappdeploytoolkit.com/t/psappdeploytoolkit-3-8-2/2555", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T11:21:13.685Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2020-10962", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-10-21T14:34:20.424272Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-21T14:34:28.934Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://github.com/PSAppDeployToolkit/PSAppDeployToolkit/releases"}, {"url": "https://discourse.psappdeploytoolkit.com/t/psappdeploytoolkit-3-8-2/2555"}], "descriptions": [{"lang": "en", "value": "In PowerShell App Deployment Toolkit (aka PSAppDeployToolkit) through 3.8.0, an incorrect access control vulnerability in the default configuration may allow an authenticated user to potentially enable escalation of privilege via local access."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-08-01T00:00:00"}}}, "cveMetadata": {"cveId": "CVE-2020-10962", "state": "PUBLISHED", "dateUpdated": "2024-10-21T14:34:37.817Z", "dateReserved": "2020-03-25T00:00:00", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2023-08-01T00:00:00", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:psappdeploytoolkit:powershell_app_deployment_toolkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "558B3D55-C116-4416-9527-23E0FF25FC7D", "versionEndIncluding": "3.8.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In PowerShell App Deployment Toolkit (aka PSAppDeployToolkit) through 3.8.0, an incorrect access control vulnerability in the default configuration may allow an authenticated user to potentially enable escalation of privilege via local access."}], "id": "CVE-2020-10962", "lastModified": "2024-11-21T04:56:27.673", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-08-01T02:15:09.687", "references": [{"source": "cve@mitre.org", "tags": ["Release Notes"], "url": "https://discourse.psappdeploytoolkit.com/t/psappdeploytoolkit-3-8-2/2555"}, {"source": "cve@mitre.org", "tags": ["Release Notes"], "url": "https://github.com/PSAppDeployToolkit/PSAppDeployToolkit/releases"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "https://discourse.psappdeploytoolkit.com/t/psappdeploytoolkit-3-8-2/2555"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "https://github.com/PSAppDeployToolkit/PSAppDeployToolkit/releases"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}