Lucene search
+L

6 matches found

ibm
ibm
added 2023/11/28 8:56 p.m.26 views

Security Bulletin: Systeminformation is vulnerable to CVE-2023-42810 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses systeminformation which is vulnerable to CVE-2023-42810. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID: CVE-2023-42810 DESCRIPTION: systeminformation could allow a remote attacker ...

9.8CVSS8.4AI score0.01837EPSS
Exploits0Affected Software1
circl
circl
added 2023/09/21 10:30 p.m.11 views

CVE-2023-42810

creationtimestamp| type| source ---|---|--- 2023-09-21 22:30:42+00:00| seen| https://t.me/cibsecurity/70919...

9.8CVSS8.7AI score0.01837EPSS
Exploits0References1
vulnersosv
vulnersosv
added 2023/09/21 5:15 p.m.8 views

@alwaysai/device-agent (>=0.0.1-2.1-beta-provision <=2.1.3), @best/agent (>=7.0.1 <=12.0.0) +82 more potentially affected by CVE-2023-42810 via systeminformation (>=5.0.6 <=5.21.5)

systeminformation NPM version =5.0.6, =0.0.1-2.1-beta-provision, =7.0.1, =7.0.1, =6.1.4, =6.1.4, =6.1.4, =6.1.4, =7.0.1, =6.1.4, =6.1.4, =6.1.4, =6.1.4, =6.1.4, =6.1.4, =6.1.4, =12.0.0 and more Source cves: CVE-2023-42810 Source advisory: OSV:GHSA-GX6R-QC2V-3P3V...

9.8CVSS7.2AI score0.01837EPSS
Exploits0
vulnrichment
vulnrichment
added 2023/09/21 5:11 p.m.15 views

CVE-2023-42810 systeminformation SSID Command Injection Vulnerability

systeminformation is a System Information Library for Node.JS. Versions 5.0.0 through 5.21.6 have a SSID Command Injection Vulnerability. The problem was fixed with a parameter check in version 5.21.7. As a workaround, check or sanitize parameter strings that are passed to wifiConnections,...

9.8CVSS9.7AI score0.01837EPSS
Exploits0References3
cvelist
cvelist
added 2023/09/21 5:11 p.m.46 views

CVE-2023-42810 systeminformation SSID Command Injection Vulnerability

systeminformation is a System Information Library for Node.JS. Versions 5.0.0 through 5.21.6 have a SSID Command Injection Vulnerability. The problem was fixed with a parameter check in version 5.21.7. As a workaround, check or sanitize parameter strings that are passed to wifiConnections,...

9.8CVSS9.9AI score0.01837EPSS
Exploits0References3
cve
cve
added 2023/09/21 5:11 p.m.150 views

CVE-2023-42810

The CVE-2023-42810 vulnerability affects the Node.js library systeminformation. Versions 5.0.0 through 5.21.6 contain an SSID Command Injection flaw in wifiConnections() and wifiNetworks() that could allow an attacker to execute arbitrary commands. The issue is fixed in version 5.21.7 through a p...

9.8CVSS9.7AI score0.01837EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder