CVE-2023-25913
CVSS 3.1 Score 7.5 of 10 (high)
Details
Published Aug 21, 2023
Updated: Aug 24, 2023
CWE ID 287
CWE ID 200
Summary
CVE-2023-25914 is a vulnerability that allows attackers to gain unauthorized access to system files on the server through its XML interface. The issue arises from insufficient restrictions in place, enabling malicious actors to retrieve sensitive data and potentially cause damage to the affected system. This vulnerability poses a significant risk to the security and confidentiality of data stored on the server and should be addressed promptly through appropriate patches or mitigations.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- Danfoss