How severe is CVE-2023-28142?

This vulnerability has a severity rating of HIGH with a CVSS score of 7 out of 10.

What type of vulnerability is CVE-2023-28142?

This is classified as CWE-362, which is a common weakness in software security.

CVE-2023-28142 - HIGH Severity | CVSS 7

Vulnerability Description

A Race Condition exists in the Qualys Cloud Agent for Windows platform in versions from 3.1.3.34 and before 4.5.3.1. This allows attackers to escalate privileges limited on the local machine during uninstallation of the Qualys Cloud Agent for Windows. Attackers may gain SYSTEM level privileges on that asset to run arbitrary commands. At the time of this disclosure, versions before 4.0 are classified as End of Life.

Related Vulnerabilities

CVE-2009-3547

HIGH

CVSS:7.0(High)

Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting ...

CWE-3622009

CVE-2010-1437

HIGH

CVSS:7.0(High)

Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and earlier allows local users to cause a denial of service (memory corruption and system ...

CWE-3622010

CVE-2010-5159

HIGH

CVSS:7.0(High)

Race condition in Dr.Web Security Space Pro 6.0.0.03100 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler bu...

CWE-3622010

CVE-2010-5169

HIGH

CVSS:7.0(High)

Race condition in Online Armor Premium 4.0.0.35 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not bl...

CWE-3622010

CVE-2010-5181

HIGH

CVSS:7.0(High)

Race condition in VIPRE Antivirus Premium 4.0.3272 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not...

CWE-3622010

CVE-2011-0699

HIGH

CVSS:7.0(High)

Integer signedness error in the btrfs_ioctl_space_info function in the Linux kernel 2.6.37 allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified oth...

CWE-3622011