DELMIA Apriso
CVEs (8)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-3300 | Cri | 0.61 | 9.0 | 0.32 | May 30, 2024 | An unsafe .NET object deserialization vulnerability in DELMIA Apriso Release 2019 through Release 2024 could lead to pre-authentication remote code execution. | ||
| CVE-2025-6205 | 0.19 | — | 0.83 | KEV | Aug 4, 2025 | A missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to gain privileged access to the application. | ||
| CVE-2025-5086 | 0.15 | — | 0.41 | KEV | Jun 2, 2025 | A deserialization of untrusted data vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could lead to a remote code execution. | ||
| CVE-2025-6204 | 0.13 | — | 0.10 | KEV | Aug 4, 2025 | An Improper Control of Generation of Code (Code Injection) vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to execute arbitrary code. | ||
| CVE-2024-0935 | 0.00 | — | 0.00 | Feb 1, 2024 | Insertion of Sensitive Information into Log File vulnerabilities are affecting DELMIA Apriso Release 2019 through Release 2024 | |||
| CVE-2023-2141 | 0.00 | — | 0.03 | Apr 21, 2023 | An unsafe .NET object deserialization in DELMIA Apriso Release 2017 through Release 2022 could lead to post-authentication remote code execution. | |||
| CVE-2023-2140 | 0.00 | — | 0.00 | Apr 21, 2023 | A Server-Side Request Forgery vulnerability in DELMIA Apriso Release 2017 through Release 2022 could allow an unauthenticated attacker to issue requests to arbitrary hosts on behalf of the server running the DELMIA Apriso application. | |||
| CVE-2023-2139 | 0.00 | — | 0.00 | Apr 21, 2023 | A reflected Cross-site Scripting (XSS) Vulnerability in DELMIA Apriso Release 2017 through Release 2022 allows an attacker to execute arbitrary script code. |
- risk 0.61cvss 9.0epss 0.32
An unsafe .NET object deserialization vulnerability in DELMIA Apriso Release 2019 through Release 2024 could lead to pre-authentication remote code execution.
- risk 0.19cvss —epss 0.83
A missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to gain privileged access to the application.
- risk 0.15cvss —epss 0.41
A deserialization of untrusted data vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could lead to a remote code execution.
- risk 0.13cvss —epss 0.10
An Improper Control of Generation of Code (Code Injection) vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to execute arbitrary code.
- CVE-2024-0935Feb 1, 2024risk 0.00cvss —epss 0.00
Insertion of Sensitive Information into Log File vulnerabilities are affecting DELMIA Apriso Release 2019 through Release 2024
- CVE-2023-2141Apr 21, 2023risk 0.00cvss —epss 0.03
An unsafe .NET object deserialization in DELMIA Apriso Release 2017 through Release 2022 could lead to post-authentication remote code execution.
- CVE-2023-2140Apr 21, 2023risk 0.00cvss —epss 0.00
A Server-Side Request Forgery vulnerability in DELMIA Apriso Release 2017 through Release 2022 could allow an unauthenticated attacker to issue requests to arbitrary hosts on behalf of the server running the DELMIA Apriso application.
- CVE-2023-2139Apr 21, 2023risk 0.00cvss —epss 0.00
A reflected Cross-site Scripting (XSS) Vulnerability in DELMIA Apriso Release 2017 through Release 2022 allows an attacker to execute arbitrary script code.