Insight
CVE-2023-28351
LOW
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
An issue was discovered in Faronics Insight 10.0.19045 on Windows. Every keystroke made by any user on a computer with the Student application installed is logged to a world-readable directory. A local attacker can trivially extract these cleartext keystrokes, potentially enabling them to obtain PII and/or to compromise personal accounts owned by the victim.
AnalysisAI
An issue was discovered in Faronics Insight 10.0.19045 on Windows. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-532. An issue was discovered in Faronics Insight 10.0.19045 on Windows. Every keystroke made by any user on a computer with the Student application installed is logged to a world-readable directory. A local attacker can trivially extract these cleartext keystrokes, potentially enabling them to obtain PII and/or to compromise personal accounts owned by the victim. Affected products include: Faronics Insight.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
An issue was discovered in Faronics Insight 10.0.19045 on Windows. Rated critical severity (CVSS 9.6), this vulnerabilit
An issue was discovered in Faronics Insight 10.0.19045 on Windows. Rated high severity (CVSS 8.8), this vulnerability is
An issue was discovered in Faronics Insight 10.0.19045 on Windows. Rated high severity (CVSS 8.8), this vulnerability is
An issue was discovered in creditease-sec insight through 2018-09-11. Rated high severity (CVSS 8.8), this vulnerability
An issue was discovered in creditease-sec insight through 2018-09-11. Rated high severity (CVSS 8.8), this vulnerability
An issue was discovered in creditease-sec insight through 2018-09-11. Rated high severity (CVSS 8.8), this vulnerability
An issue was discovered in creditease-sec insight through 2018-09-11. Rated high severity (CVSS 8.8), this vulnerability
An issue was discovered in Faronics Insight 10.0.19045 on Windows. Rated high severity (CVSS 7.4), this vulnerability is
An issue was discovered in Faronics Insight 10.0.19045 on Windows. Rated high severity (CVSS 7.4), this vulnerability is
An issue was discovered in Faronics Insight 10.0.19045 on Windows. Rated high severity (CVSS 7.3), this vulnerability is
An issue was discovered in Faronics Insight 10.0.19045 on Windows. Rated high severity (CVSS 7.1), this vulnerability is
An issue was discovered in Faronics Insight 10.0.19045 on Windows. Rated medium severity (CVSS 6.1), this vulnerability
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today