CVE-2023-37199
published 2023-07-12CVE-2023-37199: A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that could cause remote code execution when an admin user on DCE…
high7.2CVSS 3.1
AVNACLPRHUINSUCHIHAH
A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that
could cause remote code execution when an admin user on DCE tampers with backups which
are then manually restored.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| schneider-electric | struxureware_data_center_expert | <= 7.9.3 | — |
| schneider_electric | struxureware_data_center_expert | — | — |