Vulnerabilities > 3DS > Delmia Apriso

DATE CVE VULNERABILITY TITLE RISK
2024-02-01 CVE-2024-0935 Information Exposure Through Log Files vulnerability in 3DS Delmia Apriso 2019/2022/2024
Insertion of Sensitive Information into Log File vulnerabilities are affecting DELMIA Apriso Release 2019 through Release 2024
network
low complexity
3ds CWE-532
7.5
2023-04-21 CVE-2023-2139 Cross-site Scripting vulnerability in 3DS Delmia Apriso
A reflected Cross-site Scripting (XSS) Vulnerability in DELMIA Apriso Release 2017 through Release 2022 allows an attacker to execute arbitrary script code.
network
low complexity
3ds CWE-79
6.1
2023-04-21 CVE-2023-2140 Server-Side Request Forgery (SSRF) vulnerability in 3DS Delmia Apriso
A Server-Side Request Forgery vulnerability in DELMIA Apriso Release 2017 through Release 2022 could allow an unauthenticated attacker to issue requests to arbitrary hosts on behalf of the server running the DELMIA Apriso application.
network
low complexity
3ds CWE-918
7.5
2023-04-21 CVE-2023-2141 Deserialization of Untrusted Data vulnerability in 3DS Delmia Apriso
An unsafe .NET object deserialization in DELMIA Apriso Release 2017 through Release 2022 could lead to post-authentication remote code execution.
network
low complexity
3ds CWE-502
8.8