Lucene search
PRIOn knowledge basePRION:CVE-2023-27979HistoryMar 21, 2023 - 1:15 p.m.
Design/Logic Flaw
2023-03-2113:15:00
PRIOn knowledge base
www.prio-n.com
3
design flaw
logic flaw
igss data server
denial of service
crafted messages
vulnerability
data authenticity
cwe-345
insufficient verification
renaming files
data server tcp port
affected products
igss dashboard
custom reports
nvd
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could allow the renaming of files in the IGSS project report directory, this could lead to denial of service when an attacker sends specific crafted messages to the Data Server TCP port. Affected Products: IGSS Data Server(IGSSdataServer.exe)(V16.0.0.23040 and prior), IGSS Dashboard(DashBoard.exe)(V16.0.0.23040 and prior), Custom Reports(RMS16.dll)(V16.0.0.23040 and prior).
| CPE | Name | Operator | Version |
|---|---|---|---|
| custom_reports | le | 16.0.0.23040 | |
| igss_dashboard | le | 16.0.0.23040 | |
| igss_data_server | le | 16.0.0.23040 |
Related
cvelist
cvelist
CVE-2023-27979
2023-03-21 00:00:00
cve
cve
CVE-2023-27979
2023-03-21 13:15:12
zdi
zdi
cnvd
cnvd
Schneider Electric IGSS Data Server Data Forgery Issue Vulnerability
2023-03-20 00:00:00
nvd
nvd
CVE-2023-27979
2023-03-21 13:15:12
ics
ics
Schneider Electric IGSS
2023-03-23 12:00:00