CVSS Score of 10 (low)


Published Oct 4, 2023
Updated: Dec 19, 2023
CWE ID 312


CVE-2023-2809 is a vulnerability that affects Sage 200 Spain version 2023.38.001. It allows a remote attacker to extract SQL database credentials from the DLL application due to plaintext credential usage. This vulnerability could potentially lead to the remote execution of MS SQL commands and privilege escalation on Windows systems. The base severity of this vulnerability is classified as "Critical" according to NIST, with a base score of 9.8 out of 10. To remediate this vulnerability, it is recommended to upgrade to a patched version or apply any available security updates provided by the vendor.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-2809 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options