Lucene search
PRIOn knowledge basePRION:CVE-2023-27984HistoryMar 21, 2023 - 11:15 a.m.
Input validation
2023-03-2111:15:00
PRIOn knowledge base
www.prio-n.com
4
improper input validation
custom reports
remote code execution
igss data server
igss dashboard
rms16.dll
cwe-20
nvd
A CWE-20: Improper Input Validation vulnerability exists in Custom Reports that could cause a macro to be executed, potentially leading to remote code execution when a user opens a malicious report file planted by an attacker. Affected Products: IGSS Data Server(IGSSdataServer.exe)(V16.0.0.23040 and prior), IGSS Dashboard(DashBoard.exe)(V16.0.0.23040 and prior), Custom Reports(RMS16.dll)(V16.0.0.23040 and prior).
| CPE | Name | Operator | Version |
|---|---|---|---|
| custom_reports | le | 16.0.0.23040 | |
| igss_dashboard | le | 16.0.0.23040 | |
| igss_data_server | le | 16.0.0.23040 |
Related
cnvd
cnvd
Schneider Electric IGSS Data Server Input Validation Error Vulnerability
2023-03-20 00:00:00
cvelist
cvelist
CVE-2023-27984
2023-03-21 00:00:00
zdi
zdi
cve
cve
CVE-2023-27984
2023-03-21 11:15:10
nvd
nvd
CVE-2023-27984
2023-03-21 11:15:10
ics
ics
Schneider Electric IGSS
2023-03-23 12:00:00