How severe is CVE-2023-31450?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.7 out of 10.

What type of vulnerability is CVE-2023-31450?

This is classified as CWE-22, which is a common weakness in software security.

CVE-2023-31450 - MEDIUM Severity | CVSS 4.7

Vulnerability Description

A path traversal vulnerability was identified in the SQL v2 sensors in PRTG 23.2.84.1566 and earlier versions where an authenticated user with write permissions could trick the SQL v2 sensors into behaving differently for existing files and non-existing files. This made it possible to traverse paths, allowing the sensor to execute files outside the designated custom sensors folder. The severity of this vulnerability is medium and received a score of 4.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

Related Vulnerabilities

CVE-2017-10273

MEDIUM

CVSS:4.7(Medium)

Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: Deployment). Supported versions that are affected are 11.1.1.7.0, 11.1.1.7.1, 11.1.1.9.0, 11.1.2.4.0, 12.1.3...

CWE-222017

CVE-2018-1000532

MEDIUM

CVSS:4.7(Medium)

beep version 1.3 and up contains a External Control of File Name or Path vulnerability in --device option that can result in Local unprivileged user can inhibit execution of arbitrary programs by othe...

CWE-222018

CVE-2018-1261

MEDIUM

CVSS:4.7(Medium)

Spring-integration-zip versions prior to 1.0.1 exposes an arbitrary file write vulnerability, which can be achieved using a specially crafted zip archive (affects other archives as well, bzip2, tar, x...

CWE-222018

CVE-2018-1263

MEDIUM

CVSS:4.7(Medium)

Addresses partial fix in CVE-2018-1261. Pivotal spring-integration-zip, versions prior to 1.0.2, exposes an arbitrary file write vulnerability, that can be achieved using a specially crafted zip archi...

CWE-222018

CVE-2018-8889

MEDIUM

CVSS:4.7(Medium)

A directory traversal vulnerability in the Connect Service of the BlackBerry Enterprise Mobility Server (BEMS) 2.8.17.29 and earlier could allow an attacker to retrieve arbitrary files in the context ...

CWE-222018

CVE-2021-20669

MEDIUM

CVSS:4.7(Medium)

Path traversal vulnerability in GROWI versions v4.2.2 and earlier allows an attacker with administrator rights to read and/or delete an arbitrary path via a specially crafted URL.

CWE-222021