Vulnerabilities > CVE-2023-32226 - Files or Directories Accessible to External Parties vulnerability in Sysaid On-Premises

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

sysaid

CWE-552

NVD

Published: 2023-07-30

Updated: 2023-08-03

Summary

Sysaid - CWE-552: Files or Directories Accessible to External Parties - Authenticated users may exfiltrate files from the server via an unspecified method.

Vulnerable Configurations

Part	Description	Count
Application	Sysaid Sysaid Sysaid ON Premises 5.0 Sysaid Sysaid ON Premises 5.0.06 Sysaid Sysaid ON Premises 5.1 Sysaid Sysaid ON Premises 5.5 Sysaid Sysaid ON Premises 5.5.06 Sysaid Sysaid ON Premises 5.6 Sysaid Sysaid ON Premises 6.0 Sysaid Sysaid ON Premises 6.0.9 Sysaid Sysaid ON Premises 6.5 Sysaid Sysaid ON Premises 7.0 Sysaid Sysaid ON Premises 7.5 Sysaid Sysaid ON Premises 8.0 Sysaid Sysaid ON Premises 8.1 Sysaid Sysaid ON Premises 8.5 Sysaid Sysaid ON Premises 9.0 Sysaid Sysaid ON Premises 9.0.10 Sysaid Sysaid ON Premises 9.0.30 Sysaid Sysaid ON Premises 9.0.40 Sysaid Sysaid ON Premises 9.0.52 Sysaid Sysaid ON Premises 9.0.53 Sysaid Sysaid ON Premises 9.1 Sysaid Sysaid ON Premises 9.1.0 Sysaid Sysaid ON Premises 14.1 Sysaid Sysaid ON Premises 14.2 Sysaid Sysaid ON Premises 14.3 Sysaid Sysaid ON Premises 14.4 Sysaid Sysaid ON Premises 14.4.00 Sysaid Sysaid ON Premises 14.4.1 Sysaid Sysaid ON Premises 14.4.2 Sysaid Sysaid ON Premises 14.4.3 Sysaid Sysaid ON Premises 15.1.20 Sysaid Sysaid ON Premises 15.1.30 Sysaid Sysaid ON Premises 15.1.50 Sysaid Sysaid ON Premises 15.1.70 Sysaid Sysaid ON Premises 15.2 Sysaid Sysaid ON Premises 15.2.03 Sysaid Sysaid ON Premises 15.2.04 Sysaid Sysaid ON Premises 15.2.05 Sysaid Sysaid ON Premises 16.3 Sysaid Sysaid ON Premises 16.3.16 Sysaid Sysaid ON Premises 16.3.17 Sysaid Sysaid ON Premises 17.2 Sysaid Sysaid ON Premises 17.2.03 Sysaid Sysaid ON Premises 17.3 Sysaid Sysaid ON Premises 17.3.57 Sysaid Sysaid ON Premises 18.1 Sysaid Sysaid ON Premises 18.1.54 Sysaid Sysaid ON Premises 19.2 Sysaid Sysaid ON Premises 19.4 Sysaid Sysaid ON Premises 20.1.11 Sysaid Sysaid ON Premises 20.2 Sysaid Sysaid ON Premises 21.4.45 Sysaid Sysaid ON Premises 22.1.65 Sysaid Sysaid ON Premises 22.3.35 Sysaid Sysaid ON Premises 22.4.45	55

Common Weakness Enumeration (CWE)

CWE-552 - Files or Directories Accessible to External Parties

References

https://www.gov.il/en/Departments/faq/cve_advisories