Summaryinfo

A vulnerability has been found in Dassault Systèmes DELMIA Apriso up to 2024 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to log file. This vulnerability was named CVE-2024-0935. The attack needs to be approached locally. There is no exploit available. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Detailsinfo

A vulnerability, which was classified as problematic, was found in Dassault Systèmes DELMIA Apriso up to 2024. This affects an unknown code block. The manipulation with an unknown input leads to a log file vulnerability. CWE is classifying the issue as CWE-532. Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information. This is going to have an impact on confidentiality. The summary by CVE is:

An insertion of Sensitive Information into Log File vulnerability is affecting DELMIA Apriso Release 2019 through Release 2024

The weakness was shared 02/01/2024. It is possible to read the advisory at 3ds.com. This vulnerability is uniquely identified as CVE-2024-0935 since 01/26/2024. The technical details are unknown and an exploit is not publicly available. The attack technique deployed by this issue is T1592 according to MITRE ATT&CK.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Productinfo

Vendor

• Dassault Systèmes

Name

• DELMIA Apriso

Version

• 2024

CPE 2.3info

• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion