Vulnerability Details CVE-2023-29492
Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in the context of the service account. This does not provide access to stored survey or response data.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.255
EPSS Ranking 96.0%
CVSS Severity
CVSS v3 Score 9.8
Proposed Action
Novi Survey contains an insecure deserialization vulnerability that allows remote attackers to execute code on the server in the context of the service account.
Ransomware Campaign
Unknown
References
Products affected by CVE-2023-29492
-
cpe:2.3:a:3rdmill:novi_survey:-
-
cpe:2.3:a:3rdmill:novi_survey:2.1
-
cpe:2.3:a:3rdmill:novi_survey:2.2
-
cpe:2.3:a:3rdmill:novi_survey:2.3
-
cpe:2.3:a:3rdmill:novi_survey:2.4
-
cpe:2.3:a:3rdmill:novi_survey:2.5
-
cpe:2.3:a:3rdmill:novi_survey:3.0
-
cpe:2.3:a:3rdmill:novi_survey:3.1
-
cpe:2.3:a:3rdmill:novi_survey:3.2
-
cpe:2.3:a:3rdmill:novi_survey:3.3
-
cpe:2.3:a:3rdmill:novi_survey:3.4
-
cpe:2.3:a:3rdmill:novi_survey:3.5
-
cpe:2.3:a:3rdmill:novi_survey:3.6
-
cpe:2.3:a:3rdmill:novi_survey:3.7
-
cpe:2.3:a:3rdmill:novi_survey:3.8
-
cpe:2.3:a:3rdmill:novi_survey:3.9
-
cpe:2.3:a:3rdmill:novi_survey:4.0
-
cpe:2.3:a:3rdmill:novi_survey:4.1
-
cpe:2.3:a:3rdmill:novi_survey:4.2
-
cpe:2.3:a:3rdmill:novi_survey:4.3
-
cpe:2.3:a:3rdmill:novi_survey:4.4
-
cpe:2.3:a:3rdmill:novi_survey:4.5
-
cpe:2.3:a:3rdmill:novi_survey:4.6
-
cpe:2.3:a:3rdmill:novi_survey:4.7
-
cpe:2.3:a:3rdmill:novi_survey:5.0
-
cpe:2.3:a:3rdmill:novi_survey:5.1
-
cpe:2.3:a:3rdmill:novi_survey:5.10
-
cpe:2.3:a:3rdmill:novi_survey:5.2
-
cpe:2.3:a:3rdmill:novi_survey:5.3
-
cpe:2.3:a:3rdmill:novi_survey:5.4
-
cpe:2.3:a:3rdmill:novi_survey:5.5
-
cpe:2.3:a:3rdmill:novi_survey:5.6
-
cpe:2.3:a:3rdmill:novi_survey:5.7
-
cpe:2.3:a:3rdmill:novi_survey:5.8
-
cpe:2.3:a:3rdmill:novi_survey:5.9
-
cpe:2.3:a:3rdmill:novi_survey:6.0
-
cpe:2.3:a:3rdmill:novi_survey:6.1
-
cpe:2.3:a:3rdmill:novi_survey:6.10
-
cpe:2.3:a:3rdmill:novi_survey:6.2
-
cpe:2.3:a:3rdmill:novi_survey:6.3
-
cpe:2.3:a:3rdmill:novi_survey:6.4
-
cpe:2.3:a:3rdmill:novi_survey:6.5
-
cpe:2.3:a:3rdmill:novi_survey:6.6
-
cpe:2.3:a:3rdmill:novi_survey:6.7
-
cpe:2.3:a:3rdmill:novi_survey:6.8
-
cpe:2.3:a:3rdmill:novi_survey:6.9
-
cpe:2.3:a:3rdmill:novi_survey:7.0
-
cpe:2.3:a:3rdmill:novi_survey:7.1
-
cpe:2.3:a:3rdmill:novi_survey:7.2
-
cpe:2.3:a:3rdmill:novi_survey:7.3
-
cpe:2.3:a:3rdmill:novi_survey:7.4
-
cpe:2.3:a:3rdmill:novi_survey:7.5
-
cpe:2.3:a:3rdmill:novi_survey:7.6
-
cpe:2.3:a:3rdmill:novi_survey:7.7
-
cpe:2.3:a:3rdmill:novi_survey:7.8
-
cpe:2.3:a:3rdmill:novi_survey:7.9
-
cpe:2.3:a:3rdmill:novi_survey:8.0
-
cpe:2.3:a:3rdmill:novi_survey:8.1
-
cpe:2.3:a:3rdmill:novi_survey:8.2
-
cpe:2.3:a:3rdmill:novi_survey:8.3
-
cpe:2.3:a:3rdmill:novi_survey:8.4
-
cpe:2.3:a:3rdmill:novi_survey:8.5
-
cpe:2.3:a:3rdmill:novi_survey:8.6
-
cpe:2.3:a:3rdmill:novi_survey:8.7
-
cpe:2.3:a:3rdmill:novi_survey:8.8
-
cpe:2.3:a:3rdmill:novi_survey:8.9