CVE-2023-7169 (GCVE-0-2023-7169)
Vulnerability from cvelistv5 – Published: 2024-02-08 12:59 – Updated: 2024-08-02 08:50
VLAI
EPSS
VEX
Title
Impersonate vendor signed Powershell scripts
Summary
Authentication Bypass by Spoofing vulnerability in Snow Software Snow Inventory Agent on Windows allows Signature Spoof.This issue affects Snow Inventory Agent: through 6.14.5. Customers advised to upgrade to version 7.0
Severity
6 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-290 - Authentication Bypass by Spoofing
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Snow Software | Snow Inventory Agent |
Affected:
0 , ≤ 6.14.5
(all version)
|
Date Public
2024-02-08 12:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-7169",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-08T17:17:07.783606Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:20:45.622Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:50:08.262Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://community.snowsoftware.com/s/feed/0D5Td000004YtMcKAK"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Snow Inventory Agent",
"vendor": "Snow Software",
"versions": [
{
"lessThanOrEqual": "6.14.5",
"status": "affected",
"version": "0",
"versionType": "all version"
}
]
}
],
"datePublic": "2024-02-08T12:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Authentication Bypass by Spoofing vulnerability in Snow Software Snow Inventory Agent on Windows allows Signature Spoof.\u003cp\u003eThis issue affects Snow Inventory Agent: through 6.14.5. Customers advised to upgrade to version 7.0\u003c/p\u003e"
}
],
"value": "Authentication Bypass by Spoofing vulnerability in Snow Software Snow Inventory Agent on Windows allows Signature Spoof.This issue affects Snow Inventory Agent: through 6.14.5. Customers advised to upgrade to version 7.0\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-473",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-473 Signature Spoof"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-290",
"description": "CWE-290 Authentication Bypass by Spoofing",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-08T12:59:40.731Z",
"orgId": "ea911274-ddd9-4e68-b39a-d7d6ae8b8a65",
"shortName": "Snow"
},
"references": [
{
"url": "https://community.snowsoftware.com/s/feed/0D5Td000004YtMcKAK"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to version 7.0"
}
],
"value": "Upgrade to version 7.0"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Impersonate vendor signed Powershell scripts",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Validate all powershell scripts by public hashes\u0026nbsp;"
}
],
"value": "Validate all powershell scripts by public hashes\u00a0"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "ea911274-ddd9-4e68-b39a-d7d6ae8b8a65",
"assignerShortName": "Snow",
"cveId": "CVE-2023-7169",
"datePublished": "2024-02-08T12:59:40.731Z",
"dateReserved": "2023-12-29T09:26:41.449Z",
"dateUpdated": "2024-08-02T08:50:08.262Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-7169",
"date": "2026-07-13",
"epss": "0.00161",
"percentile": "0.05706"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:snowsoftware:snow_inventory_agent:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"7.0\", \"matchCriteriaId\": \"5B149DB0-3F9E-42D1-B121-CF1DEF5063D1\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Authentication Bypass by Spoofing vulnerability in Snow Software Snow Inventory Agent on Windows allows Signature Spoof.This issue affects Snow Inventory Agent: through 6.14.5. Customers advised to upgrade to version 7.0\\n\\n\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad de omisi\\u00f3n de autenticaci\\u00f3n mediante suplantaci\\u00f3n de identidad en Snow Software Snow Inventory Agent en Windows permite la suplantaci\\u00f3n de firma. Este problema afecta a Snow Inventory Agent: hasta 6.14.5. Se recomienda a los clientes actualizar a la versi\\u00f3n 7.0\"}]",
"id": "CVE-2023-7169",
"lastModified": "2024-11-21T08:45:25.633",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"security@snowsoftware.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N\", \"baseScore\": 6.0, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 0.8, \"impactScore\": 5.2}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}]}",
"published": "2024-02-08T13:15:08.417",
"references": "[{\"url\": \"https://community.snowsoftware.com/s/feed/0D5Td000004YtMcKAK\", \"source\": \"security@snowsoftware.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://community.snowsoftware.com/s/feed/0D5Td000004YtMcKAK\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "security@snowsoftware.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"security@snowsoftware.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-290\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-290\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-7169\",\"sourceIdentifier\":\"security@snowsoftware.com\",\"published\":\"2024-02-08T13:15:08.417\",\"lastModified\":\"2026-06-17T06:52:13.720\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Authentication Bypass by Spoofing vulnerability in Snow Software Snow Inventory Agent on Windows allows Signature Spoof.This issue affects Snow Inventory Agent: through 6.14.5. Customers advised to upgrade to version 7.0\\n\\n\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n mediante suplantaci\u00f3n de identidad en Snow Software Snow Inventory Agent en Windows permite la suplantaci\u00f3n de firma. Este problema afecta a Snow Inventory Agent: hasta 6.14.5. Se recomienda a los clientes actualizar a la versi\u00f3n 7.0\"}],\"affected\":[{\"source\":\"security@snowsoftware.com\",\"affectedData\":[{\"vendor\":\"Snow Software\",\"product\":\"Snow Inventory Agent\",\"defaultStatus\":\"unaffected\",\"platforms\":[\"Windows\"],\"versions\":[{\"version\":\"0\",\"lessThanOrEqual\":\"6.14.5\",\"versionType\":\"all version\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@snowsoftware.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":6.0,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":0.8,\"impactScore\":5.2},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2024-02-08T17:17:07.783606Z\",\"id\":\"CVE-2023-7169\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"security@snowsoftware.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-290\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-290\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snowsoftware:snow_inventory_agent:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.0\",\"matchCriteriaId\":\"5B149DB0-3F9E-42D1-B121-CF1DEF5063D1\"}]}]}],\"references\":[{\"url\":\"https://community.snowsoftware.com/s/feed/0D5Td000004YtMcKAK\",\"source\":\"security@snowsoftware.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://community.snowsoftware.com/s/feed/0D5Td000004YtMcKAK\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"redhat_vex": {
"current_release_date": "2025-05-29T00:45:43+00:00",
"cve": "CVE-2023-7169",
"id": "CVE-2023-7169",
"initial_release_date": "2023-01-01T00:00:00+00:00",
"product_status:known_not_affected": "1",
"source": "Red Hat CSAF VEX",
"status": "final",
"title": "Impersonate vendor signed Powershell scripts",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-7169.json",
"version": "3"
},
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://community.snowsoftware.com/s/feed/0D5Td000004YtMcKAK\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T08:50:08.262Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-7169\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-02-08T17:17:07.783606Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-05T15:20:36.666Z\"}}], \"cna\": {\"title\": \"Impersonate vendor signed Powershell scripts\", \"source\": {\"discovery\": \"INTERNAL\"}, \"impacts\": [{\"capecId\": \"CAPEC-473\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-473 Signature Spoof\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Snow Software\", \"product\": \"Snow Inventory Agent\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"all version\", \"lessThanOrEqual\": \"6.14.5\"}], \"platforms\": [\"Windows\"], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Upgrade to version 7.0\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Upgrade to version 7.0\", \"base64\": false}]}], \"datePublic\": \"2024-02-08T12:00:00.000Z\", \"references\": [{\"url\": \"https://community.snowsoftware.com/s/feed/0D5Td000004YtMcKAK\"}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Validate all powershell scripts by public hashes\\u00a0\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Validate all powershell scripts by public hashes\u0026nbsp;\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Authentication Bypass by Spoofing vulnerability in Snow Software Snow Inventory Agent on Windows allows Signature Spoof.This issue affects Snow Inventory Agent: through 6.14.5. Customers advised to upgrade to version 7.0\\n\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Authentication Bypass by Spoofing vulnerability in Snow Software Snow Inventory Agent on Windows allows Signature Spoof.\u003cp\u003eThis issue affects Snow Inventory Agent: through 6.14.5. Customers advised to upgrade to version 7.0\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-290\", \"description\": \"CWE-290 Authentication Bypass by Spoofing\"}]}], \"providerMetadata\": {\"orgId\": \"ea911274-ddd9-4e68-b39a-d7d6ae8b8a65\", \"shortName\": \"Snow\", \"dateUpdated\": \"2024-02-08T12:59:40.731Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-7169\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-02T08:50:08.262Z\", \"dateReserved\": \"2023-12-29T09:26:41.449Z\", \"assignerOrgId\": \"ea911274-ddd9-4e68-b39a-d7d6ae8b8a65\", \"datePublished\": \"2024-02-08T12:59:40.731Z\", \"assignerShortName\": \"Snow\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…