CVE-2023-6631

PowerSYSTEM Center versions 2020 Update 16 and prior contain a vulnerability that may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate privileges.
References
Link Resource
https://subnet.com/contact/ Product
https://www.cisa.gov/news-events/ics-advisories/icsa-23-353-01 Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

cpe:2.3:a:subnet:powersystem_center:2020:-:*:*:*:*:*:*

History

11 Jan 2024, 20:01

Type Values Removed Values Added
First Time Subnet
Subnet powersystem Center
CWE CWE-428
CPE cpe:2.3:a:subnet:powersystem_center:2020:-:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.8
References () https://www.cisa.gov/news-events/ics-advisories/icsa-23-353-01 - () https://www.cisa.gov/news-events/ics-advisories/icsa-23-353-01 - Third Party Advisory, US Government Resource
References () https://subnet.com/contact/ - () https://subnet.com/contact/ - Product

08 Jan 2024, 20:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-01-08 19:15

Updated : 2024-02-28 20:54


NVD link : CVE-2023-6631

Mitre link : CVE-2023-6631

CVE.ORG link : CVE-2023-6631


JSON object : View

Products Affected

subnet

  • powersystem_center
CWE
CWE-428

Unquoted Search Path or Element