Aeonix
CVE-2023-37219
HIGH
Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Tadiran Telecom Composit - CWE-1236: Improper Neutralization of Formula Elements in a CSV File
AnalysisAI
Tadiran Telecom Composit - CWE-1236: Improper Neutralization of Formula Elements in a CSV File. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-1236. Tadiran Telecom Composit - CWE-1236: Improper Neutralization of Formula Elements in a CSV File Affected products include: Tadirantele Aeonix.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Tadiran Telecom Aeonix - CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'). Rated hi
Tadiran Telecom Aeonix - CWE-204: Observable Response Discrepancy. Rated medium severity (CVSS 5.3), this vulnerability
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today