Vulnerabilites related to ni - diadem
CVE-2023-5136 (GCVE-0-2023-5136)
Vulnerability from cvelistv5
Published
2023-11-08 15:24
Modified
2025-06-11 14:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-611 - Improper Restriction of XML External Entity Reference
Summary
An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in information disclosure. An attacker could exploit this vulnerability by getting a user to open a specially crafted data file.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ► | NI | TopoGrafix DataPlugin for GPX |
Version: 0 < 2023 Q4 |
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:52:07.459Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.ni.com/en/support/documentation/supplemental/23/incorrect-permission-assignment-in-the-topografix-dataplug-for-gpx.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5136",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-04T14:20:44.035737Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-11T14:34:24.037Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "TopoGrafix DataPlugin for GPX",
"vendor": "NI",
"versions": [
{
"lessThan": "2023 Q4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "DIAdem",
"vendor": "NI",
"versions": [
{
"lessThan": "2023 Q2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "VeriStand",
"vendor": "NI",
"versions": [
{
"lessThanOrEqual": "2023 Q4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "FlexLogger",
"vendor": "NI",
"versions": [
{
"lessThanOrEqual": "2023 Q4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in information disclosure. An attacker could exploit this vulnerability by getting a user to open a specially crafted data file.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in information disclosure. An attacker could exploit this vulnerability by getting a user to open a specially crafted data file."
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-10T20:27:28.145Z",
"orgId": "bca5b2e8-03a4-4781-b4ca-c6a078c0bfd4",
"shortName": "NI"
},
"references": [
{
"url": "https://www.ni.com/en/support/documentation/supplemental/23/incorrect-permission-assignment-in-the-topografix-dataplug-for-gpx.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Incorrect Permission Assignment in the TopoGrafix DataPlugin for GPX",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "bca5b2e8-03a4-4781-b4ca-c6a078c0bfd4",
"assignerShortName": "NI",
"cveId": "CVE-2023-5136",
"datePublished": "2023-11-08T15:24:10.867Z",
"dateReserved": "2023-09-22T19:29:47.084Z",
"dateUpdated": "2025-06-11T14:34:24.037Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5023 (GCVE-0-2013-5023)
Vulnerability from cvelistv5
Published
2013-08-06 18:00
Modified
2024-08-06 16:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The ActiveX controls in the HelpAsst component in NI Help Links in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allow remote attackers to cause a denial of service by triggering the display of local .chm files.
References
| ► | URL | Tags |
|---|---|---|
|
|
||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:41.216Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://digital.ni.com/public.nsf/allkb/E6BC4F119D49A97A86257BD3004FE019?OpenDocument"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://digital.ni.com/public.nsf/websearch/5C87A3AA7300868986257B3600501FE6?OpenDocument"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ActiveX controls in the HelpAsst component in NI Help Links in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allow remote attackers to cause a denial of service by triggering the display of local .chm files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-17T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://digital.ni.com/public.nsf/allkb/E6BC4F119D49A97A86257BD3004FE019?OpenDocument"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://digital.ni.com/public.nsf/websearch/5C87A3AA7300868986257B3600501FE6?OpenDocument"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5023",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ActiveX controls in the HelpAsst component in NI Help Links in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allow remote attackers to cause a denial of service by triggering the display of local .chm files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://digital.ni.com/public.nsf/allkb/E6BC4F119D49A97A86257BD3004FE019?OpenDocument",
"refsource": "CONFIRM",
"url": "http://digital.ni.com/public.nsf/allkb/E6BC4F119D49A97A86257BD3004FE019?OpenDocument"
},
{
"name": "http://digital.ni.com/public.nsf/websearch/5C87A3AA7300868986257B3600501FE6?OpenDocument",
"refsource": "CONFIRM",
"url": "http://digital.ni.com/public.nsf/websearch/5C87A3AA7300868986257B3600501FE6?OpenDocument"
},
{
"name": "http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument",
"refsource": "CONFIRM",
"url": "http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-5023",
"datePublished": "2013-08-06T18:00:00",
"dateReserved": "2013-07-31T00:00:00",
"dateUpdated": "2024-08-06T16:59:41.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2023-11-08 16:15
Modified
2024-11-21 08:41
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Summary
An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in information disclosure. An attacker could exploit this vulnerability by getting a user to open a specially crafted data file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ni:topografix_data_plugin:2023:-:*:*:*:gpx:*:*",
"matchCriteriaId": "15732407-23EA-4542-96A2-5C878FB8481F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ni:diadem:2014:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2B3E07-5832-4ABE-B7F8-EDFFC91940E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:diadem:2015:-:*:*:*:*:*:*",
"matchCriteriaId": "B3D7F82A-8406-4B50-A9BA-CCB34A974F87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:diadem:2015:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5CA88F99-AE0F-4B98-B86A-4B5289520DA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:diadem:2017:-:*:*:*:*:*:*",
"matchCriteriaId": "7A59840A-5F72-4FB9-8B67-A91439E7DA1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:diadem:2017:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2DBC89AC-5BA4-432B-96D8-57A5E9B6A338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:diadem:2018:-:*:*:*:*:*:*",
"matchCriteriaId": "C853AE58-D3C8-4627-A0D8-542382650932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:diadem:2018:sp1:*:*:*:*:*:*",
"matchCriteriaId": "87C3A752-E66D-4F4C-B6FB-F572EAF092B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:diadem:2019:-:*:*:*:*:*:*",
"matchCriteriaId": "3F41FF00-1098-43B3-822A-8AC92B991F20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:diadem:2019:sp1:*:*:*:*:*:*",
"matchCriteriaId": "3525F92B-30ED-4798-BF89-14D8EFCD7CC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:diadem:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "7D3458A8-E460-4297-A69F-C4DDE1D232F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:diadem:2020:sp1:*:*:*:*:*:*",
"matchCriteriaId": "49A24A9A-8601-49DA-8E7D-798D2E399273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:diadem:2021:-:*:*:*:*:*:*",
"matchCriteriaId": "4101C29B-BB75-47B6-9D2D-BC5491969EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:diadem:2021:sp1:*:*:*:*:*:*",
"matchCriteriaId": "10D8EBAC-D4CF-4841-AE65-5F8A1121788C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:diadem:2022:q2:*:*:*:*:*:*",
"matchCriteriaId": "7C10702F-B2C2-46FF-88FF-2A314B502ED4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:diadem:2022:q4:*:*:*:*:*:*",
"matchCriteriaId": "8C05E9A6-7B7D-4928-A60E-24942D4D51F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:diadem:2023:q2:*:*:*:*:*:*",
"matchCriteriaId": "9044BC02-8801-4DBD-8529-49DB7F0D3452",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ni:veristand:2013:sp1:*:*:*:*:*:*",
"matchCriteriaId": "F499514A-19DE-469D-9EF6-F7EC1E6810BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2014:*:*:*:*:*:*:*",
"matchCriteriaId": "D68D0C2C-C42D-4B8C-A3D6-93A136E5DD21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2015:-:*:*:*:*:*:*",
"matchCriteriaId": "29FA2254-FF6C-4FCA-8363-B36E4C38C6BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2015:sp1:*:*:*:*:*:*",
"matchCriteriaId": "18577799-88E6-44C1-9477-3261EA98ED4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "CA705301-337E-4162-8810-BF20B23CB9E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2017:*:*:*:*:*:*:*",
"matchCriteriaId": "B5F1303A-A8D9-4E60-BB96-3B00AAAAD8A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2018:-:*:*:*:*:*:*",
"matchCriteriaId": "4FAF54A5-268E-4A76-9C31-F3E2FE465464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2018:sp1:*:*:*:*:*:*",
"matchCriteriaId": "E98B7755-005F-4036-AF81-002F113DBCD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2019:-:*:*:*:*:*:*",
"matchCriteriaId": "55743F60-FA68-494E-87B9-8E22787EEF4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2019:r2:*:*:*:*:*:*",
"matchCriteriaId": "2CA4257E-5E97-46D6-BE97-205F6FC18CA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2019:r3:*:*:*:*:*:*",
"matchCriteriaId": "541008B0-5703-4937-9304-C09645454085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2019:r3f1:*:*:*:*:*:*",
"matchCriteriaId": "5970C421-B8B1-459F-85DB-E74A0B31EDCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "55ADD725-44EE-4F28-B9A3-923094352C4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2020:r2:*:*:*:*:*:*",
"matchCriteriaId": "58D19502-B3F2-4D43-A4D2-CF6CD2E41E48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2020:r3:*:*:*:*:*:*",
"matchCriteriaId": "AAF6DE83-A202-4A90-8B05-735D686FDB8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2020:r4:*:*:*:*:*:*",
"matchCriteriaId": "C90473FA-81CB-4984-8B4C-2EE907ED9DC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2020:r5:*:*:*:*:*:*",
"matchCriteriaId": "B09E4798-97D8-41B7-9E3C-A5D45F8C8CB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2020:r6:*:*:*:*:*:*",
"matchCriteriaId": "03D1BFD1-E75E-4816-9D3B-380DACB50EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2021:-:*:*:*:*:*:*",
"matchCriteriaId": "C0BC96D8-AB88-47BF-B956-818BF9C8E91E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2021:r2:*:*:*:*:*:*",
"matchCriteriaId": "CD0B65DD-E62E-4D7F-90C4-EE8EACE23F8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2021:r3:*:*:*:*:*:*",
"matchCriteriaId": "006E30B2-90DC-475D-835B-030A5801332F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2023:q1:*:*:*:*:*:*",
"matchCriteriaId": "326C3FE1-6CE7-4FD4-9E8A-C14E1A0BE743",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2023:q2:*:*:*:*:*:*",
"matchCriteriaId": "406FE5DA-02BE-4981-8F0E-C77840C5CB5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2023:q3:*:*:*:*:*:*",
"matchCriteriaId": "2B89A08C-C66E-400A-A224-DF6ED111D565",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2023:q4:*:*:*:*:*:*",
"matchCriteriaId": "2A151AB1-BD09-4DF0-B7DD-4D8E1E7E026C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ni:flexlogger:2018:r1:*:*:*:*:*:*",
"matchCriteriaId": "9C2C31C3-9D4C-4FEE-8457-31E9F66CD043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2018:r2:*:*:*:*:*:*",
"matchCriteriaId": "F16894B6-5151-41DE-A1AC-7FB3C23DC05F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2018:r3:*:*:*:*:*:*",
"matchCriteriaId": "4BE623D6-DE16-40ED-82CF-3CCD975B5C92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2018:r4:*:*:*:*:*:*",
"matchCriteriaId": "0375EAF9-35F8-43AB-A26D-79B1C74E6055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2019:r1:*:*:*:*:*:*",
"matchCriteriaId": "1E8E8A79-BCBA-42D0-A4D5-4134327FDB07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2019:r2:*:*:*:*:*:*",
"matchCriteriaId": "91A2082B-47F5-4DFD-A9CE-115DB223B4A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2019:r3:*:*:*:*:*:*",
"matchCriteriaId": "758C8631-05F4-415B-861A-FF47896756BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2019:r4:*:*:*:*:*:*",
"matchCriteriaId": "CA0E5A70-2CE4-485F-97BC-CEF8FC2C6C62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2020:r1:*:*:*:*:*:*",
"matchCriteriaId": "852AC7E1-DE18-4EAD-9079-7E3DF5EAD9A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2020:r2:*:*:*:*:*:*",
"matchCriteriaId": "055A3E53-09AC-4CD4-8724-21E3F591550E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2020:r3:*:*:*:*:*:*",
"matchCriteriaId": "BEE4C627-4298-469E-91BA-08C711F7EE14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2020:r4:*:*:*:*:*:*",
"matchCriteriaId": "A7BB6592-DBC5-4D4C-96AD-CDE24E1F576A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2021:r1:*:*:*:*:*:*",
"matchCriteriaId": "008505B6-6295-46CE-A923-27958172F026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2021:r2:*:*:*:*:*:*",
"matchCriteriaId": "CE96AE31-D36F-446A-96A5-46C762818A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2021:r3:*:*:*:*:*:*",
"matchCriteriaId": "336F1E07-92EE-4BF5-AA14-981BFB67965C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2021:r4:*:*:*:*:*:*",
"matchCriteriaId": "7D3A4BF7-5BF0-4EE5-BF7C-8C514D6238B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2022:q2:*:*:*:*:*:*",
"matchCriteriaId": "0213180D-04BD-4979-88BE-B21F385469CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2022:q4:*:*:*:*:*:*",
"matchCriteriaId": "A336AAE6-FA87-4900-AECD-12997D064A64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2023:q1:*:*:*:*:*:*",
"matchCriteriaId": "CBFBD9F4-9FFF-44B2-8E95-2DEAC4476A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2023:q2:*:*:*:*:*:*",
"matchCriteriaId": "FA33AE39-F976-4C56-9A4B-8932BC6855C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2023:q3:*:*:*:*:*:*",
"matchCriteriaId": "21C2A279-F66F-49D3-A4A8-1D56FEF22B6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2023:q4:*:*:*:*:*:*",
"matchCriteriaId": "08133BDF-895D-4D2A-8DAB-C02766DE86B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in information disclosure. An attacker could exploit this vulnerability by getting a user to open a specially crafted data file."
},
{
"lang": "es",
"value": "Una asignaci\u00f3n de permiso incorrecta en TopoGrafix DataPlugin para GPX podr\u00eda resultar en la divulgaci\u00f3n de informaci\u00f3n. Un atacante podr\u00eda aprovechar esta vulnerabilidad haciendo que un usuario abra un archivo de datos especialmente manipulado."
}
],
"id": "CVE-2023-5136",
"lastModified": "2024-11-21T08:41:08.100",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "security@ni.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-11-08T16:15:11.067",
"references": [
{
"source": "security@ni.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ni.com/en/support/documentation/supplemental/23/incorrect-permission-assignment-in-the-topografix-dataplug-for-gpx.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ni.com/en/support/documentation/supplemental/23/incorrect-permission-assignment-in-the-topografix-dataplug-for-gpx.html"
}
],
"sourceIdentifier": "security@ni.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-611"
}
],
"source": "security@ni.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-08-06 20:55
Modified
2025-04-11 00:51
Severity ?
Summary
The ActiveX controls in the HelpAsst component in NI Help Links in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allow remote attackers to cause a denial of service by triggering the display of local .chm files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ni | diadem | * | |
| ni | labview | * | |
| ni | labwindows | * | |
| ni | measurementstudio | * | |
| ni | teststand | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ni:diadem:*:*:*:*:*:*:*:*",
"matchCriteriaId": "651A3465-0A7A-4EE2-B46E-D1E6972767A6",
"versionEndIncluding": "2012",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:labview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3815CFE4-4E5E-44BB-B206-520C39DE3674",
"versionEndIncluding": "2012",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:labwindows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC46A398-C8F3-49B2-BDDE-20DEA80EC941",
"versionEndIncluding": "2012",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:measurementstudio:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A12E5F42-B2FC-48F4-8D04-5B59A3869461",
"versionEndIncluding": "2013",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:teststand:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68051582-D70F-4B32-A9F9-64A5E33CB481",
"versionEndIncluding": "2012",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ActiveX controls in the HelpAsst component in NI Help Links in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allow remote attackers to cause a denial of service by triggering the display of local .chm files."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en un control ActiveX en el componente HelpAsst en NI Help Links in National Instruments LabWindows/CVI, LabVIEW, y otros productos, tiene un impacto desconocido y vectores de ataque remotos."
}
],
"id": "CVE-2013-5023",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-08-06T20:55:05.453",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://digital.ni.com/public.nsf/allkb/E6BC4F119D49A97A86257BD3004FE019?OpenDocument"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://digital.ni.com/public.nsf/websearch/5C87A3AA7300868986257B3600501FE6?OpenDocument"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://digital.ni.com/public.nsf/allkb/E6BC4F119D49A97A86257BD3004FE019?OpenDocument"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://digital.ni.com/public.nsf/websearch/5C87A3AA7300868986257B3600501FE6?OpenDocument"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}