Описание
An OS Command Injection vulnerability exists in SIMULIA 3DOrchestrate from Release 3DEXPERIENCE R2021x through Release 3DEXPERIENCE R2023x. A specially crafted HTTP request can lead to arbitrary command execution.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:3ds:3dexperience:r2021x:*:*:*:*:*:*:*
cpe:2.3:o:3ds:3dexperience:r2022x:*:*:*:*:*:*:*
cpe:2.3:o:3ds:3dexperience:r2023x:*:*:*:*:*:*:*
EPSS
Процентиль: 55%
0.00324
Низкий
8.8 High
CVSS3
Дефекты
CWE-78
CWE-78
Связанные уязвимости
CVSS3: 8.8
github
больше 2 лет назад
An OS Command Injection vulnerability exists in SIMULIA 3DOrchestrate from Release 3DEXPERIENCE R2021x through Release 3DEXPERIENCE R2023x. A specially crafted HTTP request can lead to arbitrary command execution.
EPSS
Процентиль: 55%
0.00324
Низкий
8.8 High
CVSS3
Дефекты
CWE-78
CWE-78