CVE-2023-6334 - OpenCVE

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HYPR Workforce Access on Windows allows Overflow Buffers.This issue affects Workforce Access: before 8.7.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Microsoft	Windows
Hypr	Workforce Access

Configuration 1 [-]

AND

cpe:2.3:a:hypr:workforce_access:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

References

Link	Resource
https://www.hypr.com/security-advisories	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: HYPR

Published: 2024-01-16T19:41:52.057Z

Updated: 2024-01-16T19:41:52.057Z

Reserved: 2023-11-27T18:03:31.048Z

Link: CVE-2023-6334

JSON object: View

NVD Information

Status : Analyzed

Published: 2024-01-16T20:15:45.303

Modified: 2024-01-23T19:25:15.260

Link: CVE-2023-6334

JSON object: View

Redhat Information

No data.

CWE

CWE-119

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hypr:workforce_access:*:*:*:*:*:*:*:*", "matchCriteriaId": "83E3E9E9-12B1-41CE-B254-894EDCC79B3F", "versionEndExcluding": "8.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HYPR Workforce Access on Windows allows Overflow Buffers.This issue affects Workforce Access: before 8.7.\n\n"}, {"lang": "es", "value": "Vulnerabilidad de restricci\u00f3n inadecuada de operaciones dentro de los l\u00edmites en b\u00fafer de memoria en HYPR Workforce Access en Windows permite desbordamiento de b\u00faferes. Este problema afecta a Workforce Access: versiones anteriores a 8.7."}], "id": "CVE-2023-6334", "lastModified": "2024-01-23T19:25:15.260", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 4.2, "source": "security@hypr.com", "type": "Secondary"}]}, "published": "2024-01-16T20:15:45.303", "references": [{"source": "security@hypr.com", "tags": ["Vendor Advisory"], "url": "https://www.hypr.com/security-advisories"}], "sourceIdentifier": "security@hypr.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-119"}], "source": "security@hypr.com", "type": "Secondary"}]}