Knowledge Base Article Deletion Vulnerability in SysAid On-Premise
CVE-2023-47247

4.3MEDIUM

Key Information:

Vendor: Sysaid
Status: Sysaid
Vendor: CVE Published:; 25 December 2023

What is CVE-2023-47247?

Inversions of SysAid On-Premise prior to 23.3.34, users can exploit a specific edge case to delete Knowledge Base articles. This vulnerability allows unauthorized modification of critical documentation, potentially compromising the integrity of knowledge management and risking the loss of valuable information.

References

https://documentation.sysaid.com/docs/23334

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 25, 2023
Vulnerability Reserved
Nov 4, 2023

Sysaid

What is CVE-2023-47247?

References

CVSS V3.1

Timeline