Vulnerability Description
An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in information disclosure. An attacker could exploit this vulnerability by getting a user to open a specially crafted data file.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ni | Topografix Data Plugin | 2023 |
| Ni | Diadem | 2014 |
| Ni | Veristand | 2013 |
| Ni | Flexlogger | 2018 |
Related Weaknesses (CWE)
References
- https://www.ni.com/en/support/documentation/supplemental/23/incorrect-permissionVendor Advisory
- https://www.ni.com/en/support/documentation/supplemental/23/incorrect-permissionVendor Advisory
FAQ
What is CVE-2023-5136?
CVE-2023-5136 is a vulnerability with a CVSS score of 5.5 (MEDIUM). An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in information disclosure. An attacker could exploit this vulnerability by getting a user to open a specially craf...
How severe is CVE-2023-5136?
CVE-2023-5136 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-5136?
Check the references section above for vendor advisories and patch information. Affected products include: Ni Topografix Data Plugin, Ni Diadem, Ni Veristand, Ni Flexlogger.