Lucene search

[email protected]NVD:CVE-2023-22317

HistoryAug 03, 2023 - 1:15 p.m.

CVE-2023-22317

2023-08-0313:15:09

CWE-416

[email protected]

web.nvd.nist.gov

cx-programmer; use after free; information disclosure; arbitrary code execution; cve-2023-22317; vulnerability

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

32.4%

JSON

Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur. This vulnerability is different from CVE-2023-22277 and CVE-2023-22314.

Affected configurations

NVD

Node

omroncx-programmerRange≤9.79

References

jvn.jp/en/vu/JVNVU92877622/

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

32.4%

JSON

Related for NVD:CVE-2023-22317

cvelist3 cve3 prion3 nvd2