CVE-2023-2140

Опубликовано: 21 апр. 2023

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

A Server-Side Request Forgery vulnerability in DELMIA Apriso Release 2017 through Release 2022

could allow an unauthenticated attacker to issue requests to arbitrary hosts on behalf of the server running the DELMIA Apriso application.

Ссылки

https://www.3ds.com/vulnerability/advisories
Vendor Advisory
https://www.3ds.com/vulnerability/advisories
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:3ds:delmia_apriso:*:*:*:*:*:*:*:*

Версия от 2017 (включая) до 2022 (включая)

EPSS

Процентиль: 42%

0.00202

Низкий

7.5 High

CVSS3

7.5 High

CVSS3

Дефекты

CWE-918

Связанные уязвимости

GHSA-xc69-c397-p3r8

CVSS3: 7.5

github

почти 3 года назад

A Server-Side Request Forgery vulnerability in DELMIA Apriso Release 2017 through Release 2022 could allow an unauthenticated attacker to issue requests to arbitrary hosts on behalf of the server running the DELMIA Apriso application.

EPSS

Процентиль: 42%

0.00202

Низкий

7.5 High

CVSS3

7.5 High

CVSS3

Дефекты

CWE-918