Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-5136

An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in information disclosure. An attacker could exploit this vulnerability by getting a user to open a specially crafted data file.

Published

2023-11-08T16:15:11.067

Last Modified

2024-11-21T08:41:08.100

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.5 (MEDIUM)

Weaknesses

Type: Secondary
CWE-611
Type: Primary
CWE-732

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ni	topografix_data_plugin	2023	Yes
Application	ni	diadem	2014	Yes
Application	ni	diadem	2015	Yes
Application	ni	diadem	2015	Yes
Application	ni	diadem	2017	Yes
Application	ni	diadem	2017	Yes
Application	ni	diadem	2018	Yes
Application	ni	diadem	2018	Yes
Application	ni	diadem	2019	Yes
Application	ni	diadem	2019	Yes
Application	ni	diadem	2020	Yes
Application	ni	diadem	2020	Yes
Application	ni	diadem	2021	Yes
Application	ni	diadem	2021	Yes
Application	ni	diadem	2022	Yes
Application	ni	diadem	2022	Yes
Application	ni	diadem	2023	Yes
Application	ni	veristand	2013	Yes
Application	ni	veristand	2014	Yes
Application	ni	veristand	2015	Yes
Application	ni	veristand	2015	Yes
Application	ni	veristand	2016	Yes
Application	ni	veristand	2017	Yes
Application	ni	veristand	2018	Yes
Application	ni	veristand	2018	Yes
Application	ni	veristand	2019	Yes
Application	ni	veristand	2019	Yes
Application	ni	veristand	2019	Yes
Application	ni	veristand	2019	Yes
Application	ni	veristand	2020	Yes
Application	ni	veristand	2020	Yes
Application	ni	veristand	2020	Yes
Application	ni	veristand	2020	Yes
Application	ni	veristand	2020	Yes
Application	ni	veristand	2020	Yes
Application	ni	veristand	2021	Yes
Application	ni	veristand	2021	Yes
Application	ni	veristand	2021	Yes
Application	ni	veristand	2023	Yes
Application	ni	veristand	2023	Yes
Application	ni	veristand	2023	Yes
Application	ni	veristand	2023	Yes
Application	ni	flexlogger	2018	Yes
Application	ni	flexlogger	2018	Yes
Application	ni	flexlogger	2018	Yes
Application	ni	flexlogger	2018	Yes
Application	ni	flexlogger	2019	Yes
Application	ni	flexlogger	2019	Yes
Application	ni	flexlogger	2019	Yes
Application	ni	flexlogger	2019	Yes
Application	ni	flexlogger	2020	Yes
Application	ni	flexlogger	2020	Yes
Application	ni	flexlogger	2020	Yes
Application	ni	flexlogger	2020	Yes
Application	ni	flexlogger	2021	Yes
Application	ni	flexlogger	2021	Yes
Application	ni	flexlogger	2021	Yes
Application	ni	flexlogger	2021	Yes
Application	ni	flexlogger	2022	Yes
Application	ni	flexlogger	2022	Yes
Application	ni	flexlogger	2023	Yes
Application	ni	flexlogger	2023	Yes
Application	ni	flexlogger	2023	Yes
Application	ni	flexlogger	2023	Yes

References

https://www.ni.com/en/support/documentation/supplemental/23/incorrect-permission-assignment-in-the-topografix-dataplug-for-gpx.html Vendor Advisory ([email protected])
https://www.ni.com/en/support/documentation/supplemental/23/incorrect-permission-assignment-in-the-topografix-dataplug-for-gpx.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)