CVE-2023-6032

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Nov 15, 2023

Updated: Nov 30, 2023

CWE ID 22

Summary

CVE-2023-6032 is a newly identified path traversal vulnerability. An attacker exploiting this issue can gain the ability to enumerate file systems and download files by navigating to the Network Management Card via HTTPS. This vulnerability (CWE-22) stems from an improper limitation of a pathname to a restricted directory. Successful exploitation could lead to sensitive information disclosure and potential system compromise. Organizations using affected Network Management Cards are urged to apply the available patch as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Schneider Electric SE

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tUsmGL
https://www.cve.org/CVERecord?id=CVE-2023-6032
https://nvd.nist.gov/vuln/detail/CVE-2023-6032

Back to Vulnerability Database

CVE-2023-6032

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations