CVE-2023-37196

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Jul 12, 2023

Updated: Jul 19, 2023

CWE ID 89

Summary

CVE-2023-37196 is a vulnerability affecting DCE that combines an SQL Injection and CWE-89 issue. An authenticated user can exploit this vulnerability by tampering with alert settings, potentially gaining unauthorized access to content, making unauthorized changes, or deleting data, and executing unauthorized actions on DCE.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Schneider-electric Struxureware Data Center Expert

Affected Vendors

Schneider Electric SE

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r0O-yB
https://www.cve.org/CVERecord?id=CVE-2023-37196
https://nvd.nist.gov/vuln/detail/CVE-2023-37196

Back to Vulnerability Database