We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2023-47246



Description

In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023.

Reserved 2023-11-04 | Published 2023-11-10 | Updated 2024-08-02 | Assigner mitre

CISA Known Exploited Vulnerability

Date added 2023-11-13 | Due date 2023-12-04

Known Ransomware Campaign(s)

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

References

documentation.sysaid.com/...emise-security-enhancements-2023

www.sysaid.com/...ftware-security-vulnerability-notification

documentation.sysaid.com/...atest-version-installation-files

cve.org (CVE-2023-47246)

nvd.nist.gov (CVE-2023-47246)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2023-47246

Support options

Helpdesk Chat, Email, Knowledgebase