CVE-2023-38640

CVSS V2 None CVSS V3 None

Description

A vulnerability has been identified in SICAM PAS/PQS (All versions >= V8.00 < V8.22). The affected application is installed with specific files and folders with insecure permissions. This could allow an authenticated local attacker to read and modify configuration data in the context of the application process.

Overview

CVE ID
CVE-2023-38640

Assigner
siemens

Vulnerability Status
PUBLISHED

Published Version
2023-10-10T10:21:25.048Z

Last Modified Date
2024-06-11T15:01:07.657Z

Weakness Enumerations

CWE	URL
CWE-732	http://cwe.mitre.org/data/definitions/732.html

References

Reference URL	Reference Tags
https://cert-portal.siemens.com/productcert/pdf/ssa-035466.pdf
https://cert-portal.siemens.com/productcert/html/ssa-035466.html

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-38640
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38640

History

Created	Old Value	New Value	Data Type	Notes
2024-06-25 21:02:51				Added to TrackCVE