CVE-2023-30297

An issue found in N-able Technologies N-central Server before 2023.4 allows a local attacker to execute arbitrary code via the monitoring function of the server.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7 HIGH
LOCAL
HIGH
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 10%
VendorProductVersion
n-ablen-central
𝑥
< 2023.4
𝑥
= Vulnerable software versions
References
https://status.n-able.com/2023/07/27/cve-2023-30297-release-note/
https://www.n-able.com/
https://status.n-able.com/2023/07/27/cve-2023-30297-release-note/
https://www.n-able.com/