Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2023-34982

🗓️ 15 Nov 2023 16:28:35Reported by icscertType 
cve
 cve🔗 web.nvd.nist.gov👁 64 Views

External control vulnerability allows local OS-authenticated user to delete files with System privilege, leading to denial of service

Related
Detection
Affected
Refs
ReporterTitlePublishedViews
Family
CNNVD		AVEVA Operations Control Logger Security Vulnerability
15 Nov 202300:00
cnnvd
Cvelist		CVE-2023-34982 AVEVA Operations Control Logger External Control of File Name or Path
15 Nov 202316:28
cvelist
EUVD		EUVD-2023-39020
3 Oct 202520:07
euvd
ICS		AVEVA Operations Control Logger
14 Nov 202307:00
ics
NVD		CVE-2023-34982
15 Nov 202317:15
nvd
OSV		CVE-2023-34982
15 Nov 202317:15
osv
Prion		Xxe
15 Nov 202317:15
prion
Positive Technologies		PT-2023-25082 · Aveva · Application Server +14
15 Nov 202300:00
ptsecurity
NVD
Vulners
Node
avevabatch_managementRange<2020
OR
avevabatch_managementMatch2020-
OR
avevabatch_managementMatch2020sp1
OR
avevacommunication_driversRange<2020
OR
avevacommunication_driversMatch2020-
OR
avevacommunication_driversMatch2020r2
OR
avevacommunication_driversMatch2020r2_p01
OR
avevaedgeRange20.1.101
OR
avevaenterprise_licensingRange3.7.002
OR
avevahistorianRange<2020
OR
avevahistorianMatch2020-
OR
avevahistorianMatch2020r2
OR
avevahistorianMatch2020r2_p01
OR
avevaintouchRange<2020
OR
avevaintouchMatch2020-
OR
avevaintouchMatch2020r2
OR
avevaintouchMatch2020r2_p01
OR
avevamanufacturing_execution_systemRange<2020
OR
avevamanufacturing_execution_systemMatch2020
OR
avevamanufacturing_execution_systemMatch2020p01
OR
avevamobile_operatorRange<2020
OR
avevamobile_operatorMatch2020
OR
avevamobile_operatorMatch2020-
OR
avevamobile_operatorMatch2020r1
OR
avevaplant_scadaRange<2020
OR
avevaplant_scadaMatch2020-
OR
avevaplant_scadaMatch2020r2
OR
avevarecipe_managementRange<2020
OR
avevarecipe_managementMatch2020-
OR
avevarecipe_managementMatch2020update_1_patch_2
OR
avevasystem_platformRange<2020
OR
avevasystem_platformMatch2020-
OR
avevasystem_platformMatch2020r2
OR
avevasystem_platformMatch2020r2_p01
OR
avevatelemetry_serverMatch2020r2-
OR
avevatelemetry_serverMatch2020r2sp1
OR
avevawork_tasksRange<2020
OR
avevawork_tasksMatch2020-
OR
avevawork_tasksMatch2020update_1
OR
avevawork_tasksMatch2020update_2
[
  {
    "defaultStatus": "unaffected",
    "product": "SystemPlatform",
    "vendor": "AVEVA ",
    "versions": [
      {
        "lessThanOrEqual": "2020 R2 SP1 P01",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Historian",
    "vendor": "AVEVA ",
    "versions": [
      {
        "lessThanOrEqual": "2020 R2 SP1 P01",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Application Server",
    "vendor": "AVEVA ",
    "versions": [
      {
        "lessThanOrEqual": "2020 R2 SP1 P01",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "InTouch",
    "vendor": "AVEVA ",
    "versions": [
      {
        "lessThanOrEqual": "2020 R2 SP1 P01",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Enterprise Licensing (formerly known as License Manager)",
    "vendor": "AVEVA ",
    "versions": [
      {
        "lessThanOrEqual": "3.7.002",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Manufacturing Execution System (formerly known as Wonderware MES)",
    "vendor": "AVEVA ",
    "versions": [
      {
        "lessThanOrEqual": "2020 P01",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Recipe Management",
    "vendor": "AVEVA ",
    "versions": [
      {
        "lessThanOrEqual": "2020 R2 Update 1 Patch 2 ",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Batch Management",
    "vendor": "AVEVA ",
    "versions": [
      {
        "lessThanOrEqual": "2020 SP1 ",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Edge (formerly known as Indusoft Web Studio)",
    "vendor": "AVEVA ",
    "versions": [
      {
        "lessThanOrEqual": "2020 R2 SP1 P01",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Worktasks (formerly known as Workflow Management)",
    "vendor": "AVEVA ",
    "versions": [
      {
        "lessThanOrEqual": "2020 U2",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Plant SCADA (formerly known as Citect)",
    "vendor": "AVEVA ",
    "versions": [
      {
        "lessThanOrEqual": "2020 R2 Update 15",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Mobile Operator (formerly known as IntelaTrac Mobile Operator Rounds)",
    "vendor": "AVEVA ",
    "versions": [
      {
        "lessThanOrEqual": "2020 R1",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Communication Drivers Pack",
    "vendor": "AVEVA ",
    "versions": [
      {
        "lessThanOrEqual": "2020 R2 SP1",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Telemetry Server",
    "vendor": "AVEVA ",
    "versions": [
      {
        "lessThanOrEqual": "2020 R2 SP1",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
17 Jun 2026 06:04Current
6.1Medium risk
Vulners AI Score6.1
CVSS 3.15.5 - 7.1
EPSS0.00219
CWE-610CWE-73
cve-2023-34982external control vulnerabilitydenial of servicenvd
64