CVE-2023-37198
published 2023-07-12CVE-2023-37198: A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that could cause remote code execution when an admin user on DCE…
high7.2CVSS 3.1
AVNACLPRHUINSUCHIHAH
A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that
could cause remote code execution when an admin user on DCE uploads or tampers with install
packages.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| schneider-electric | struxureware_data_center_expert | <= 7.9.3 | — |
| schneider_electric | struxureware_data_center_expert | — | — |