Vulnerability Details CVE-2023-1997
An OS Command Injection vulnerability exists in SIMULIA 3DOrchestrate from Release 3DEXPERIENCE R2021x through Release 3DEXPERIENCE R2023x. A specially crafted HTTP request can lead to arbitrary command execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.7%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2023-1997
-
cpe:2.3:o:3ds:3dexperience:r2021x
-
cpe:2.3:o:3ds:3dexperience:r2022x
-
cpe:2.3:o:3ds:3dexperience:r2023x