Lucene search

[email protected]NVD:CVE-2023-30985

HistoryMay 09, 2023 - 1:15 p.m.

CVE-2023-30985

2023-05-0913:15:18

CWE-125

[email protected]

web.nvd.nist.gov

cve-2023-30985

solid edge se2023

out of bounds read

obj file parsing

disclosure of sensitive information

zdi-can-19426

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

4.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.8%

JSON

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 3), Solid Edge SE2023 (All versions < V223.0 Update 2). Affected applications contain an out of bounds read past the end of an allocated buffer while parsing a specially crafted OBJ file. This vulnerability could allow an attacker to disclose sensitive information. (ZDI-CAN-19426)

Affected configurations

NVD

Node

siemenssolid_edge_se2023Match-

siemenssolid_edge_se2023Matchupdate_0001

References

cert-portal.siemens.com/productcert/pdf/ssa-932528.pdf

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

4.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.8%

JSON

Related for NVD:CVE-2023-30985

prion1 zdi1 cve1 cvelist1 ics1