Lucene search

K
nvd[email protected]NVD:CVE-2023-30985
HistoryMay 09, 2023 - 1:15 p.m.

CVE-2023-30985

2023-05-0913:15:18
CWE-125
web.nvd.nist.gov
5
cve-2023-30985
solid edge se2023
out of bounds read
obj file parsing
disclosure of sensitive information
zdi-can-19426

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

AI Score

4.7

Confidence

High

EPSS

0.001

Percentile

20.6%

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 3), Solid Edge SE2023 (All versions < V223.0 Update 2). Affected applications contain an out of bounds read past the end of an allocated buffer while parsing a specially crafted OBJ file. This vulnerability could allow an attacker to disclose sensitive information. (ZDI-CAN-19426)

Affected configurations

Nvd
Node
siemenssolid_edge_se2023Match-
OR
siemenssolid_edge_se2023Matchupdate_0001
VendorProductVersionCPE
siemenssolid_edge_se2023-cpe:2.3:a:siemens:solid_edge_se2023:-:*:*:*:*:*:*:*
siemenssolid_edge_se2023update_0001cpe:2.3:a:siemens:solid_edge_se2023:update_0001:*:*:*:*:*:*:*

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

AI Score

4.7

Confidence

High

EPSS

0.001

Percentile

20.6%

Related for NVD:CVE-2023-30985