CVE-2023-1547

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jul 13, 2023

Updated: Jul 31, 2023

CWE ID 89

Summary

CVE-2023-1547 is an SQL Injection vulnerability affecting Elra Parkmatik before 02.01-a51. An attacker can exploit this issue by tampering with SOAP parameters, enabling them to inject malicious SQL commands. This vulnerability poses a serious risk, as it can lead to Command Line Execution through SQL Injection. By bypassing input validation, an attacker can manipulate the database, potentially gaining unauthorized access or causing data damage. Organizations using Elra Parkmatik are urged to upgrade to a patched version to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/r-eNzU
https://www.cve.org/CVERecord?id=CVE-2023-1547
https://nvd.nist.gov/vuln/detail/CVE-2023-1547

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

US Violent Extremists Likely Shifting Focus to Targeted Physical Threats in 2025

DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal

Threats to the 2025 NATO Summit

Know What Matters

For Customers

For Partners

CVE-2023-1547

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations