Vulnerabilities > CVE-2023-2140 - Server-Side Request Forgery (SSRF) vulnerability in 3DS Delmia Apriso 2017/2019/2022

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
HIGH
Availability impact
NONE
network
low complexity
3ds
CWE-918

Summary

A Server-Side Request Forgery vulnerability in DELMIA Apriso Release 2017 through Release 2022 could allow an unauthenticated attacker to issue requests to arbitrary hosts on behalf of the server running the DELMIA Apriso application.

Vulnerable Configurations

Part Description Count
Application
3Ds
3

Common Weakness Enumeration (CWE)