Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-2140

A Server-Side Request Forgery vulnerability in DELMIA Apriso Release 2017 through Release 2022 could allow an unauthenticated attacker to issue requests to arbitrary hosts on behalf of the server running the DELMIA Apriso application.

Published

2023-04-21T16:15:07.380

Last Modified

2024-11-21T07:58:00.800

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Secondary
CWE-918
Type: Primary
CWE-918

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	3ds	delmia_apriso	≤ 2022	Yes

References

https://www.3ds.com/vulnerability/advisories Vendor Advisory ([email protected])
https://www.3ds.com/vulnerability/advisories Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)