Known Vulnerabilities
CVE-2023-2141
An unsafe .NET object deserialization in DELMIA Apriso Release 2017 through Release 2022 could lead to post-authentication remote code execution.
HIGH
CVSS 8.5
Published Apr 21, 2023
CVE-2023-2140
A Server-Side Request Forgery vulnerability in DELMIA Apriso Release 2017 through Release 2022 could allow an unauthenticated attacker to issue requests to arbitrary hosts on behalf of the server running the DELMIA Apriso application.
HIGH
CVSS 7.5
Published Apr 21, 2023
CVE-2023-2139
A reflected Cross-site Scripting (XSS) Vulnerability in DELMIA Apriso Release 2017 through Release 2022 allows an attacker to execute arbitrary script code.
MEDIUM
CVSS 5.4
Published Apr 21, 2023