VDB

CVE-2023-5869

CVE-2023-5869 PUBLISHED CVSS 8.800000190734863 HIGH

An attacker running as an authenticated PostgreSQL user can provide crafted data and trigger the integer overflow due to such missing overflow check. This can enable the execution of arbitrary code in the system.

EPSS 1.61% · 82.1th percentile

Risk Scores

CVSS v3.1
8.800000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C
EPSS Score
1.61%
82.1th percentile

Affected Products

VendorProductVersions
ABBABB Ability™ Symphony® Plus S+ Engineering 2.2
ABBABB Ability™ Symphony® Plus S+ Engineering 2.3
ABBABB Ability™ Symphony® Plus S+ Engineering 2.3 RU1
ABBABB Ability™ Symphony® Plus S+ Engineering 2.3 RU3
ABBABB Ability™ Symphony® Plus S+ Engineering 2.4 SP2
ABBABB Ability™ Symphony® Plus S+ Engineering 2.4
ABBABB Ability™ Symphony® Plus S+ Engineering 2.3 RU2
ABBABB Ability™ Symphony® Plus S+ Engineering 2.4 SP1

Timeline

  • Sep 13, 2022 CVE Published
  • Dec 11, 2023 EPSS Score
  • Dec 12, 2023 EPSS Score
  • Dec 19, 2023 EPSS Score
  • Jan 9, 2024 EPSS Score
  • Mar 8, 2024 EPSS Score
  • Apr 6, 2024 EPSS Score
  • Jun 4, 2024 EPSS Score
  • Jul 3, 2024 EPSS Score
  • Aug 31, 2024 EPSS Score
  • Sep 29, 2024 EPSS Score
  • Oct 5, 2024 Coalition ESS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›