What is CVE-2023-39478?

CVE-2023-39478 is a medium-severity vulnerability in Softing Secure Integration Server, classified under Exposure of Resource to Wrong Sphere. CVSS score: 6.6/10. Published 2024-05-03.

How severe is CVE-2023-39478?

Medium severity. CVSS v3 base score is 6.6 out of 10.

Vulnerability in Softing Secure Integration Server

CVE-2023-39478

Softing Secure Integration Server Exposure of Resource to Wrong Sphere Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing Secure Integration Server…

EPSS: 0.003 (54.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.6 (Medium). Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H.

Affected products

Softing Secure Integration Server — versions 1.22.0.8686

Weakness classification (CWE)

CWE-668 — Exposure of Resource to Wrong Sphere

References

ZDI-23-1060 (x_research-advisory)

Frequently asked questions

What is CVE-2023-39478?: CVE-2023-39478 is a medium-severity vulnerability in Softing Secure Integration Server, classified under Exposure of Resource to Wrong Sphere. CVSS score: 6.6/10. Published 2024-05-03.
How severe is CVE-2023-39478?: Medium severity. CVSS v3 base score is 6.6 out of 10.