CVE-2023-5136

{"id": "CVE-2023-5136", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security@ni.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2023-11-08T16:15:11.067", "references": [{"url": "https://www.ni.com/en/support/documentation/supplemental/23/incorrect-permission-assignment-in-the-topografix-dataplug-for-gpx.html", "tags": ["Vendor Advisory"], "source": "security@ni.com"}, {"url": "https://www.ni.com/en/support/documentation/supplemental/23/incorrect-permission-assignment-in-the-topografix-dataplug-for-gpx.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "security@ni.com", "description": [{"lang": "en", "value": "CWE-611"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-732"}]}], "descriptions": [{"lang": "en", "value": "An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in information disclosure. An attacker could exploit this vulnerability by getting a user to open a specially crafted data file."}, {"lang": "es", "value": "Una asignaci\u00f3n de permiso incorrecta en TopoGrafix DataPlugin para GPX podr\u00eda resultar en la divulgaci\u00f3n de informaci\u00f3n. Un atacante podr\u00eda aprovechar esta vulnerabilidad haciendo que un usuario abra un archivo de datos especialmente manipulado."}], "lastModified": "2024-11-21T08:41:08.100", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ni:topografix_data_plugin:2023:-:*:*:*:gpx:*:*", "vulnerable": true, "matchCriteriaId": "15732407-23EA-4542-96A2-5C878FB8481F"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ni:diadem:2014:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D2B3E07-5832-4ABE-B7F8-EDFFC91940E5"}, {"criteria": "cpe:2.3:a:ni:diadem:2015:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3D7F82A-8406-4B50-A9BA-CCB34A974F87"}, {"criteria": "cpe:2.3:a:ni:diadem:2015:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5CA88F99-AE0F-4B98-B86A-4B5289520DA0"}, {"criteria": "cpe:2.3:a:ni:diadem:2017:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A59840A-5F72-4FB9-8B67-A91439E7DA1E"}, {"criteria": "cpe:2.3:a:ni:diadem:2017:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2DBC89AC-5BA4-432B-96D8-57A5E9B6A338"}, {"criteria": "cpe:2.3:a:ni:diadem:2018:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C853AE58-D3C8-4627-A0D8-542382650932"}, {"criteria": "cpe:2.3:a:ni:diadem:2018:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87C3A752-E66D-4F4C-B6FB-F572EAF092B0"}, {"criteria": "cpe:2.3:a:ni:diadem:2019:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F41FF00-1098-43B3-822A-8AC92B991F20"}, {"criteria": "cpe:2.3:a:ni:diadem:2019:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3525F92B-30ED-4798-BF89-14D8EFCD7CC3"}, {"criteria": "cpe:2.3:a:ni:diadem:2020:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D3458A8-E460-4297-A69F-C4DDE1D232F3"}, {"criteria": "cpe:2.3:a:ni:diadem:2020:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49A24A9A-8601-49DA-8E7D-798D2E399273"}, {"criteria": "cpe:2.3:a:ni:diadem:2021:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4101C29B-BB75-47B6-9D2D-BC5491969EEB"}, {"criteria": "cpe:2.3:a:ni:diadem:2021:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "10D8EBAC-D4CF-4841-AE65-5F8A1121788C"}, {"criteria": "cpe:2.3:a:ni:diadem:2022:q2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7C10702F-B2C2-46FF-88FF-2A314B502ED4"}, {"criteria": "cpe:2.3:a:ni:diadem:2022:q4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C05E9A6-7B7D-4928-A60E-24942D4D51F5"}, {"criteria": "cpe:2.3:a:ni:diadem:2023:q2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9044BC02-8801-4DBD-8529-49DB7F0D3452"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ni:veristand:2013:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F499514A-19DE-469D-9EF6-F7EC1E6810BC"}, {"criteria": "cpe:2.3:a:ni:veristand:2014:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D68D0C2C-C42D-4B8C-A3D6-93A136E5DD21"}, {"criteria": "cpe:2.3:a:ni:veristand:2015:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "29FA2254-FF6C-4FCA-8363-B36E4C38C6BC"}, {"criteria": "cpe:2.3:a:ni:veristand:2015:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18577799-88E6-44C1-9477-3261EA98ED4F"}, {"criteria": "cpe:2.3:a:ni:veristand:2016:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA705301-337E-4162-8810-BF20B23CB9E5"}, {"criteria": "cpe:2.3:a:ni:veristand:2017:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5F1303A-A8D9-4E60-BB96-3B00AAAAD8A2"}, {"criteria": "cpe:2.3:a:ni:veristand:2018:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4FAF54A5-268E-4A76-9C31-F3E2FE465464"}, {"criteria": "cpe:2.3:a:ni:veristand:2018:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E98B7755-005F-4036-AF81-002F113DBCD6"}, {"criteria": "cpe:2.3:a:ni:veristand:2019:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55743F60-FA68-494E-87B9-8E22787EEF4C"}, {"criteria": "cpe:2.3:a:ni:veristand:2019:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2CA4257E-5E97-46D6-BE97-205F6FC18CA3"}, {"criteria": "cpe:2.3:a:ni:veristand:2019:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "541008B0-5703-4937-9304-C09645454085"}, {"criteria": "cpe:2.3:a:ni:veristand:2019:r3f1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5970C421-B8B1-459F-85DB-E74A0B31EDCB"}, {"criteria": "cpe:2.3:a:ni:veristand:2020:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55ADD725-44EE-4F28-B9A3-923094352C4C"}, {"criteria": "cpe:2.3:a:ni:veristand:2020:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "58D19502-B3F2-4D43-A4D2-CF6CD2E41E48"}, {"criteria": "cpe:2.3:a:ni:veristand:2020:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AAF6DE83-A202-4A90-8B05-735D686FDB8E"}, {"criteria": "cpe:2.3:a:ni:veristand:2020:r4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C90473FA-81CB-4984-8B4C-2EE907ED9DC0"}, {"criteria": "cpe:2.3:a:ni:veristand:2020:r5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B09E4798-97D8-41B7-9E3C-A5D45F8C8CB5"}, {"criteria": "cpe:2.3:a:ni:veristand:2020:r6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03D1BFD1-E75E-4816-9D3B-380DACB50EFC"}, {"criteria": "cpe:2.3:a:ni:veristand:2021:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0BC96D8-AB88-47BF-B956-818BF9C8E91E"}, {"criteria": "cpe:2.3:a:ni:veristand:2021:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD0B65DD-E62E-4D7F-90C4-EE8EACE23F8B"}, {"criteria": "cpe:2.3:a:ni:veristand:2021:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "006E30B2-90DC-475D-835B-030A5801332F"}, {"criteria": "cpe:2.3:a:ni:veristand:2023:q1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "326C3FE1-6CE7-4FD4-9E8A-C14E1A0BE743"}, {"criteria": "cpe:2.3:a:ni:veristand:2023:q2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "406FE5DA-02BE-4981-8F0E-C77840C5CB5F"}, {"criteria": "cpe:2.3:a:ni:veristand:2023:q3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B89A08C-C66E-400A-A224-DF6ED111D565"}, {"criteria": "cpe:2.3:a:ni:veristand:2023:q4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A151AB1-BD09-4DF0-B7DD-4D8E1E7E026C"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ni:flexlogger:2018:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C2C31C3-9D4C-4FEE-8457-31E9F66CD043"}, {"criteria": "cpe:2.3:a:ni:flexlogger:2018:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F16894B6-5151-41DE-A1AC-7FB3C23DC05F"}, {"criteria": "cpe:2.3:a:ni:flexlogger:2018:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BE623D6-DE16-40ED-82CF-3CCD975B5C92"}, {"criteria": "cpe:2.3:a:ni:flexlogger:2018:r4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0375EAF9-35F8-43AB-A26D-79B1C74E6055"}, {"criteria": "cpe:2.3:a:ni:flexlogger:2019:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E8E8A79-BCBA-42D0-A4D5-4134327FDB07"}, {"criteria": "cpe:2.3:a:ni:flexlogger:2019:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "91A2082B-47F5-4DFD-A9CE-115DB223B4A0"}, {"criteria": "cpe:2.3:a:ni:flexlogger:2019:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "758C8631-05F4-415B-861A-FF47896756BB"}, {"criteria": "cpe:2.3:a:ni:flexlogger:2019:r4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA0E5A70-2CE4-485F-97BC-CEF8FC2C6C62"}, {"criteria": "cpe:2.3:a:ni:flexlogger:2020:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "852AC7E1-DE18-4EAD-9079-7E3DF5EAD9A2"}, {"criteria": "cpe:2.3:a:ni:flexlogger:2020:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "055A3E53-09AC-4CD4-8724-21E3F591550E"}, {"criteria": "cpe:2.3:a:ni:flexlogger:2020:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BEE4C627-4298-469E-91BA-08C711F7EE14"}, {"criteria": "cpe:2.3:a:ni:flexlogger:2020:r4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7BB6592-DBC5-4D4C-96AD-CDE24E1F576A"}, {"criteria": "cpe:2.3:a:ni:flexlogger:2021:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "008505B6-6295-46CE-A923-27958172F026"}, {"criteria": "cpe:2.3:a:ni:flexlogger:2021:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE96AE31-D36F-446A-96A5-46C762818A96"}, {"criteria": "cpe:2.3:a:ni:flexlogger:2021:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "336F1E07-92EE-4BF5-AA14-981BFB67965C"}, {"criteria": "cpe:2.3:a:ni:flexlogger:2021:r4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D3A4BF7-5BF0-4EE5-BF7C-8C514D6238B5"}, {"criteria": "cpe:2.3:a:ni:flexlogger:2022:q2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0213180D-04BD-4979-88BE-B21F385469CF"}, {"criteria": "cpe:2.3:a:ni:flexlogger:2022:q4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A336AAE6-FA87-4900-AECD-12997D064A64"}, {"criteria": "cpe:2.3:a:ni:flexlogger:2023:q1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CBFBD9F4-9FFF-44B2-8E95-2DEAC4476A88"}, {"criteria": "cpe:2.3:a:ni:flexlogger:2023:q2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA33AE39-F976-4C56-9A4B-8932BC6855C9"}, {"criteria": "cpe:2.3:a:ni:flexlogger:2023:q3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21C2A279-F66F-49D3-A4A8-1D56FEF22B6B"}, {"criteria": "cpe:2.3:a:ni:flexlogger:2023:q4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08133BDF-895D-4D2A-8DAB-C02766DE86B1"}], "operator": "OR"}]}], "sourceIdentifier": "security@ni.com"}