How severe is CVE-2023-27975?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.1 out of 10.

What type of vulnerability is CVE-2023-27975?

This is classified as CWE-522, which is a common weakness in software security.

CVE-2023-27975

HIGH Year: 2023

CVSS v3 Score

7.1

High

Weakness Type

CWE-522

View all →

Vulnerability Description

CWE-522: Insufficiently Protected Credentials vulnerability exists that could cause unauthorized access to the project file in EcoStruxure Control Expert when a local user tampers with the memory of the engineering workstation.

CVE-2020-27781

HIGH

CVSS:7.1(High)

User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. An Open Stack Manila user can request access to a share to a...

CWE-5222020

CVE-2020-9404

HIGH

CVSS:7.1(High)

In PACTware before 4.1 SP6 and 5.x before 5.0.5.31, passwords are stored in an insecure manner, and may be modified by an attacker with no knowledge of the current passwords.

CWE-5222020

CVE-2021-22778

HIGH

CVSS:7.1(High)

Insufficiently Protected Credentials vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Process Expert (all versions...

CWE-5222021

CVE-2021-22780

HIGH

CVSS:7.1(High)

CWE-5222021

CVE-2021-27495

HIGH

CVSS:7.1(High)

Ypsomed mylife Cloud, mylife Mobile Application:Ypsomed mylife Cloud,All versions prior to 1.7.2,Ypsomed mylife App,All versions prior to 1.7.5,he Ypsomed mylife Cloud reflects the user password durin...

CWE-5222021

CVE-2023-28089

HIGH

CVSS:7.1(High)

An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules

CWE-5222023

CVE-2023-27975

Vulnerability Description

Related Vulnerabilities

CVE-2020-27781

CVE-2020-9404

CVE-2021-22778

CVE-2021-22780

CVE-2021-27495

CVE-2023-28089