CVE-2023-31717
Summary
| CVE | CVE-2023-31717 |
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-09-22 00:15:00 UTC |
| Updated | 2023-09-25 16:42:00 UTC |
| Description | A SQL Injection attack in FUXA <= 1.1.12 allows exfiltration of confidential information from the database. |
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|
| Application |
Frangoteam |
Fuxa |
All |
All |
All |
All |
References
| Reference | Source | Link | Tags |
|---|
| Unauthenticated SQL Injection FUXA Web-Based SCADA - YouTube |
MISC |
youtu.be |
|
| GitHub - MateusTesser/CVE-2023-31717 |
MISC |
github.com |
|
| GitHub - frangoteam/FUXA: Web-based Process Visualization (SCADA/HMI/Dashboard) software |
MISC |
github.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 995392 NodeJs (Npm) Security Update for fuxa-server (GHSA-v9q5-9crp-92f9)