Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
OS Command Injection vulnerability affecting documentation server on certain Releases of 3DEXPERIENCE, SIMULIA Abaqus, SIMULIA Isight and CATIA Composer
Vulnerability Description
An OS Command Injection vulnerability affecting documentation server on 3DEXPERIENCE from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x, SIMULIA Abaqus from Release 2022 through Release 2024, SIMULIA Isight from Release 2022 through Release 2024 and CATIA Composer from Release R2023 through Release R2024. A specially crafted HTTP request can lead to arbitrary command execution.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Dassault Systèmes 3DEXPERIENCE 安全漏洞
Vulnerability Description
Dassault Systèmes 3DEXPERIENCE是法国达索系统(Dassault Systèmes)公司的一种业务与创新平台。 3DEXPERIENCE、SIMULIA Abaqus、SIMULIA Isight以及CATIA Composer存在安全漏洞,该漏洞源于存在操作系统命令注入漏洞,特制的HTTP请求可能导致任意命令执行。
CVSS Information
N/A
Vulnerability Type
N/A