ghsa-x95r-7f45-c9ff
Vulnerability from github
Published
2023-09-14 18:32
Modified
2024-04-04 07:40
Severity
Details
A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected application allows users to upload arbitrary file types. This could allow an attacker to upload malicious files, that could potentially lead to code tampering.
{ "affected": [], "aliases": [ "CVE-2023-40731" ], "database_specific": { "cwe_ids": [ "CWE-434" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2023-09-12T10:15:29Z", "severity": "HIGH" }, "details": "A vulnerability has been identified in QMS Automotive (All versions \u003c V12.39). The affected application allows users to upload arbitrary file types. This could allow an attacker to upload malicious files, that could potentially lead to code tampering.", "id": "GHSA-x95r-7f45-c9ff", "modified": "2024-04-04T07:40:34Z", "published": "2023-09-14T18:32:40Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40731" }, { "type": "WEB", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-147266.pdf" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ] }
Loading...