CVE-2019-6823

CWE-94Code Injection3 documents3 sources
Severity
9.8CRITICAL
EPSS
12.5%
top 6.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Schneider-electric ProclimaProclima Proclima ALL Versions Prior TO Version 8.0.0
Timeline
PublishedJul 15
Latest updateMay 24

Description

A CWE-94: Code Injection vulnerability exists in ProClima (all versions prior to version 8.0.0) which could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system in all versions of ProClima prior to version 8.0.0.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

CVEListV5proclima/proclima_all_versions_prior_to_version_8.0.0ProClima all versions prior to version 8.0.0

🔴Vulnerability Details

2
GHSA
GHSA-7w73-hxcj-rf46: A CWE-94: Code Injection vulnerability exists in ProClima (all versions prior to version 82022-05-24
CVEList
CVE-2019-6823: A CWE-94: Code Injection vulnerability exists in ProClima (all versions prior to version 82019-07-15
CVE-2019-6823 (CRITICAL CVSS 9.8) | A CWE-94: Code Injection vulnerabil | cvebase.io