CVE-2023-4662
15.09.2023, 09:15
Execution with Unnecessary Privileges vulnerability in Saphira Saphira Connect allows Remote Code Inclusion.This issue affects Saphira Connect: before 9.Enginsight
| Vendor | Product | Version |
|---|---|---|
| saphira | connect | 𝑥 < 9.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-250 - Execution with Unnecessary PrivilegesThe software performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
- CWE-269 - Improper Privilege ManagementThe software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.