CVE-2023-40460
CVSS V2 None
CVSS V3 None
Description
The ACEManager
component of ALEOS 4.16 and earlier does not
validate uploaded
file names and types, which could potentially allow
an authenticated
user to perform client-side script execution within
ACEManager, altering
the device functionality until the device is
restarted.
Overview
- CVE ID
- CVE-2023-40460
- Assigner
- SWI
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-12-04T22:50:04.200Z
- Last Modified Date
- 2023-12-04T22:50:04.200Z
Weakness Enumerations
References
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-40460 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40460 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-06-25 01:51:11 | Added to TrackCVE |