Insertion of Sensitive Information into Log File vulnerabilities affecting DELMIA Apriso Release 2019 through Release 2024
CVE-2024-0935

7.5HIGH

Key Information:

Vendor: Dassault Systèmes
Status: DELMIA Apriso
Vendor: CVE Published:; 1 February 2024

🔔 Create Dassault Systèmes Vulnerability Alert

What is CVE-2024-0935?

The vulnerability allows the insertion of sensitive information into log files within DELMIA Apriso versions 2019 through 2024. This flaw can lead to unauthorized access to confidential data, putting organizations at risk of data breaches. Proper logging practices and enhanced security measures are essential to mitigate potential exposure and secure sensitive information from unauthorized access.

Affected Version(s)

DELMIA Apriso Apriso 2019 Golden

DELMIA Apriso Apriso 2020 Golden

DELMIA Apriso Apriso 2021 Golden

References

https://www.3ds.com/vulnerability/advisories

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 1, 2024
Vulnerability Reserved
Jan 26, 2024