In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023.
History

Wed, 14 Aug 2024 17:30:00 +0000

Type Values Removed Values Added
First Time appeared Sysaid sysaid
CPEs cpe:2.3:a:sysaid:sysaid_on-premises:*:*:*:*:*:*:*:* cpe:2.3:a:sysaid:sysaid:*:*:*:*:on-premises:*:*:*
Vendors & Products Sysaid sysaid On-premises
Sysaid sysaid

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-11-10T00:00:00

Updated: 2024-08-02T21:09:36.042Z

Reserved: 2023-11-04T00:00:00

Link: CVE-2023-47246

cve-icon Vulnrichment

Updated: 2024-08-02T21:09:36.042Z

cve-icon NVD

Status : Analyzed

Published: 2023-11-10T06:15:30.510

Modified: 2024-12-20T17:20:48.827

Link: CVE-2023-47246

cve-icon Redhat

No data.