By changing the filename parameter in the request, an attacker could
delete any file with the permissions of the Vuforia server account.
References
Link | Resource |
---|---|
https://https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-13 | Broken Link |
https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-13 | Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2023-06-07T21:46:20.797Z
Updated: 2023-06-07T21:46:20.797Z
Reserved: 2023-04-24T23:30:29.256Z
Link: CVE-2023-29152
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-06-07T22:15:09.737
Modified: 2023-06-15T19:03:37.987
Link: CVE-2023-29152
JSON object: View
Redhat Information
No data.