How severe is CVE-2023-20084?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.4 out of 10.

What type of vulnerability is CVE-2023-20084?

This is classified as CWE-437, which is a common weakness in software security.

CVE-2023-20084 - MEDIUM Severity | CVSS 4.4

Vulnerability Description

A vulnerability in the endpoint software of Cisco Secure Endpoint for Windows could allow an authenticated, local attacker to evade endpoint protection within a limited time window. This vulnerability is due to a timing issue that occurs between various software components. An attacker could exploit this vulnerability by persuading a user to put a malicious file into a specific folder and then persuading the user to execute the file within a limited time window. A successful exploit could allow the attacker to cause the endpoint software to fail to quarantine the malicious file or kill its process. Note: This vulnerability only applies to deployments that have the Windows Folder Redirection feature enabled.

Related Vulnerabilities

CVE-2016-8365

MEDIUM

CVSS:5.5(Medium)

OSIsoft PI System software (Applications using PI Asset Framework (AF) Client versions prior to PI AF Client 2016, Version 2.8.0; Applications using PI Software Development Kit (SDK) versions prior to...

CWE-4372016

CVE-2024-57176

HIGH

CVSS:7.6(High)

An issue in the shiroFilter function of White-Jotter project v0.2.2 allows attackers to execute a directory traversal and access sensitive endpoints via a crafted URL.

CWE-4372024

CVE-2024-55629