How severe is CVE-2023-25839?

This vulnerability has a severity rating of HIGH with a CVSS score of 7 out of 10.

What type of vulnerability is CVE-2023-25839?

This is classified as CWE-89, which is a common weakness in software security.

CVE-2023-25839 - HIGH Severity | CVSS 7

Vulnerability Description

There is SQL injection vulnerability in Esri ArcGIS Insights Desktop for Mac and Windows version 2022.1 that may allow a local, authorized attacker to execute arbitrary SQL commands against the back-end database. The effort required to generate the crafted input required to exploit this issue is complex and requires significant effort before a successful attack can be expected.

Related Vulnerabilities

CVE-2025-24793

HIGH

CVSS:7.0(High)

The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vul...

CWE-892025

CVE-2016-1393

HIGH

CVSS:7.1(High)

SQL injection vulnerability in Cisco Cloud Network Automation Provisioner (CNAP) 1.0 and 1.1 allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuy7217...

CWE-892016

CVE-2016-9992

HIGH

CVSS:7.1(High)

IBM Kenexa LCMS Premier on Cloud 9.0, and 10.0.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or d...

CWE-892016

CVE-2016-9993

HIGH

CVSS:7.1(High)

CWE-892016

CVE-2016-9994

HIGH

CVSS:7.1(High)

CWE-892016

CVE-2020-14349

HIGH

CVSS:7.1(High)

It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the search_path during logical replication. An authenticated attacker could use this flaw in a...

CWE-892020