CVE-2024-3300

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-3300
An unsafe .NET object deserialization vulnerability in DELMIA Apriso Release 2019 through Release 2024 could lead to pre-authentication remote code execution.

9.0 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References
Link Resource
https://www.3ds.com/vulnerability/advisories
https://www.3ds.com/vulnerability/advisories
Configurations

No configuration.

History

21 Nov 2024, 09:29

Type Values Removed Values Added
Summary
  • (es) Una vulnerabilidad de deserialización de objetos .NET inseguros en DELMIA Apriso desde la versión 2019 hasta la versión 2024 podría provocar la ejecución remota de código de autenticación previa.
References () https://www.3ds.com/vulnerability/advisories - () https://www.3ds.com/vulnerability/advisories -

30 May 2024, 16:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-05-30 16:15

Updated : 2024-11-21 09:29

NVD link : CVE-2024-3300

Mitre link : CVE-2024-3300

CVE.ORG link : CVE-2024-3300

JSON object : View

Products Affected

No product.

CWE
CWE-502

Deserialization of Untrusted Data