5.3
CVE-2023-5514
- EPSS 0.29%
- Veröffentlicht 01.11.2023 03:15:07
- Zuletzt bearbeitet 21.11.2024 08:41:55
- Quelle cybersecurity@hitachienergy.co
- CVE-Watchlists
- Unerledigt
LoginThe response messages received from the eSOMS report generation using certain parameter queries with full file path can be abused for enumerating the local file system structure.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Hitachienergy ≫ Esoms Version <= 6.3.13
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.29% | 0.519 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
| cybersecurity@hitachienergy.com | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
CWE-209 Generation of Error Message Containing Sensitive Information
The product generates an error message that includes sensitive information about its environment, users, or associated data.