CVE-2023-6450 - OpenCVE

An incorrect permissions vulnerability was reported in the Lenovo App Store app that could allow an attacker to use system resources, resulting in a denial of service.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Lenovo	App Store

Configuration 1 [-]

cpe:2.3:a:lenovo:app_store:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://iknow.lenovo.com.cn/detail/419672

History

No history.

MITRE

Status: PUBLISHED

Assigner: lenovo

Published: 2024-01-19T20:09:59.870Z

Updated: 2024-08-02T08:28:21.810Z

Reserved: 2023-11-30T21:57:10.347Z

Link: CVE-2023-6450

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2024-01-19T20:15:12.853

Modified: 2024-01-26T15:59:00.420

Link: CVE-2023-6450

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-6450", "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "state": "PUBLISHED", "assignerShortName": "lenovo", "dateReserved": "2023-11-30T21:57:10.347Z", "datePublished": "2024-01-19T20:09:59.870Z", "dateUpdated": "2024-08-02T08:28:21.810Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Lenovo App Store Application", "vendor": "Lenovo", "versions": [{"lessThan": "12.4.20", "status": "affected", "version": " ", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Lenovo thanks CNVD for reporting this issue."}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An incorrect permissions vulnerability was reported in the Lenovo App Store app that could allow an attacker to use system resources, resulting in a denial of service."}], "value": "An incorrect permissions vulnerability was reported in the Lenovo App Store app that could allow an attacker to use system resources, resulting in a denial of service."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "shortName": "lenovo", "dateUpdated": "2024-01-19T20:09:59.870Z"}, "references": [{"url": "https://iknow.lenovo.com.cn/detail/419672"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Update Lenovo App Store to version 12.4.20 or later."}], "value": "Update Lenovo App Store to version 12.4.20 or later."}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:28:21.810Z"}, "title": "CVE Program Container", "references": [{"url": "https://iknow.lenovo.com.cn/detail/419672", "tags": ["x_transferred"]}]}]}}