CVE-2023-5136

🗓️ 08 Nov 2023 15:24:10Reported by NIType

An incorrect permission assignment in TopoGrafix DataPlugin for GPX could lead to information disclosure

Reporter	Title	Published	Views	Family All 8
CNNVD	NI DIAdem Security Vulnerability	8 Nov 202300:00	–	cnnvd
Cvelist	CVE-2023-5136 Incorrect Permission Assignment in the TopoGrafix DataPlugin for GPX	8 Nov 202315:24	–	cvelist
EUVD	EUVD-2023-57474	3 Oct 202520:07	–	euvd
NVD	CVE-2023-5136	8 Nov 202316:15	–	nvd
Prion	Information disclosure	8 Nov 202316:15	–	prion
Positive Technologies	PT-2023-31790 · Topografix · Topografix Dataplugin For Gpx	8 Nov 202300:00	–	ptsecurity
Vulnrichment	CVE-2023-5136 Incorrect Permission Assignment in the TopoGrafix DataPlugin for GPX	8 Nov 202315:24	–	vulnrichment
Zero Day Initiative	NI DIAdem GPX File Parsing XML External Entity Processing Information Disclosure Vulnerability	14 Nov 202300:00	–	zdi

NVD

Node

ni topografix_data_pluginMatch2023-gpx

Node

ni diademMatch2014

ni diademMatch2015-

ni diademMatch2015sp2

ni diademMatch2017-

ni diademMatch2017sp1

ni diademMatch2018-

ni diademMatch2018sp1

ni diademMatch2019-

ni diademMatch2019sp1

ni diademMatch2020-

ni diademMatch2020sp1

ni diademMatch2021-

ni diademMatch2021sp1

ni diademMatch2022q2

ni diademMatch2022q4

ni diademMatch2023q2

Node

ni veristandMatch2013sp1

ni veristandMatch2014

ni veristandMatch2015-

ni veristandMatch2015sp1

ni veristandMatch2016

ni veristandMatch2017

ni veristandMatch2018-

ni veristandMatch2018sp1

ni veristandMatch2019-

ni veristandMatch2019r2

ni veristandMatch2019r3

ni veristandMatch2019r3f1

ni veristandMatch2020-

ni veristandMatch2020r2

ni veristandMatch2020r3

ni veristandMatch2020r4

ni veristandMatch2020r5

ni veristandMatch2020r6

ni veristandMatch2021-

ni veristandMatch2021r2

ni veristandMatch2021r3

ni veristandMatch2023q1

ni veristandMatch2023q2

ni veristandMatch2023q3

ni veristandMatch2023q4

Node

ni flexloggerMatch2018r1

ni flexloggerMatch2018r2

ni flexloggerMatch2018r3

ni flexloggerMatch2018r4

ni flexloggerMatch2019r1

ni flexloggerMatch2019r2

ni flexloggerMatch2019r3

ni flexloggerMatch2019r4

ni flexloggerMatch2020r1

ni flexloggerMatch2020r2

ni flexloggerMatch2020r3

ni flexloggerMatch2020r4

ni flexloggerMatch2021r1

ni flexloggerMatch2021r2

ni flexloggerMatch2021r3

ni flexloggerMatch2021r4

ni flexloggerMatch2022q2

ni flexloggerMatch2022q4

ni flexloggerMatch2023q1

ni flexloggerMatch2023q2

ni flexloggerMatch2023q3

ni flexloggerMatch2023q4

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Windows"
    ],
    "product": "TopoGrafix DataPlugin for GPX",
    "vendor": "NI",
    "versions": [
      {
        "lessThan": "2023 Q4",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Windows"
    ],
    "product": "DIAdem",
    "vendor": "NI",
    "versions": [
      {
        "lessThan": "2023 Q2",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Windows"
    ],
    "product": "VeriStand",
    "vendor": "NI",
    "versions": [
      {
        "lessThanOrEqual": "2023 Q4",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Windows"
    ],
    "product": "FlexLogger",
    "vendor": "NI",
    "versions": [
      {
        "lessThanOrEqual": "2023 Q4",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
ni	www.ni.com/en/support/documentation/supplemental/23/incorrect-permission-assignment-in-the-topografix-dataplug-for-gpx.html

21 Nov 2024 08:41Current

5.1Medium risk

Vulners AI Score5.1

CVSS 3.15.5

EPSS0.0011

SSVC