CVE-2023-3001
First published: Wed Jun 14 2023(Updated: )
A CWE-502: Deserialization of Untrusted Data vulnerability exists in the Dashboard module that could cause an interpretation of malicious payload data, potentially leading to remote code execution when an attacker gets the user to open a malicious file.
Credit: cybersecurity@se.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Schneider-electric Igss Dashboard | <16.0.0.23131 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2023-3001?
CVE-2023-3001 is a Deserialization of Untrusted Data vulnerability in the Dashboard module that could lead to remote code execution.
What is the severity of CVE-2023-3001?
CVE-2023-3001 has a severity rating of 7.8 (high).
How does CVE-2023-3001 affect Schneider-electric Igss Dashboard?
CVE-2023-3001 affects Schneider-electric Igss Dashboard version 16.0.0.23131 and earlier.
How can CVE-2023-3001 be exploited?
CVE-2023-3001 can be exploited by an attacker tricking the user into opening a malicious file.
How do I fix CVE-2023-3001?
To fix CVE-2023-3001, update Schneider-electric Igss Dashboard to a version beyond 16.0.0.23131.
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/type
- agent/tags
- agent/event
- agent/description
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- vendor/schneider-electric
- canonical/schneider-electric igss dashboard