CVE-2023-31294

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Dec 29, 2023

Updated: Jan 8, 2024

CWE ID 1236

Summary

CVE-2023-31294 is a newly disclosed vulnerability that impacts Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6. This issue is classified as a CSV Injection vulnerability. An attacker can exploit this flaw by manipulating the Delivery Name field in a maliciously crafted CSV file. Successful exploitation allows the attacker to gain unauthorized access to sensitive information. This vulnerability poses a significant risk to organizations using the affected software and requires immediate attention and patching to mitigate the threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/r_cf-T
https://www.cve.org/CVERecord?id=CVE-2023-31294
https://nvd.nist.gov/vuln/detail/CVE-2023-31294

Back to Vulnerability Database

CVE-2023-31294

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations