CVSS Score of 10 (low)


Published Jun 23, 2023
Updated: Jul 5, 2023


CVE-2023-34203 is a vulnerability affecting In Progress OpenEdge OEM (OpenEdge Management) and OEE (OpenEdge Explorer) versions prior to 12.7, as well as OpenEdge LTS before 11.7.16, 12.x before 12.2.12, and 12.3.x through 12.6.x before 12.7. This vulnerability allows a remote user with any OEM or OEE role to execute a URL injection attack, potentially enabling them to change their identity or role membership, such as escalating to admin privileges. The vulnerability has a high severity rating and can result in a high impact on confidentiality, integrity, and availability of the affected systems. Remediation includes updating the affected versions of OpenEdge OEM and OEE to version 12.7 or later.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-34203 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options