Known Vulnerabilities for Vuforia Studio by Ptc
Listed below are 6 of the newest known vulnerabilities associated with "Vuforia Studio" by "Ptc".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-31200 json | PTC Vuforia Studio does not require a token; this could allow an attacker with local access to perform a cross-site req... | 8 - HIGH | 2023-06-07 | 2023-06-16 |
| CVE-2023-29502 json | Before importing a project into Vuforia, a user could modify the “resourceDirectory” attribute in the appConfig.json... | 4.3 - MEDIUM | 2023-06-07 | 2023-06-15 |
| CVE-2023-29168 json | The local Vuforia web application does not support HTTPS, and federated credentials are passed via basic authentication. | 7.5 - HIGH | 2023-06-07 | 2023-06-16 |
| CVE-2023-29152 json | By changing the filename parameter in the request, an attacker could delete any file with the permissions of the Vuforia s... | 8.1 - HIGH | 2023-06-07 | 2023-06-15 |
| CVE-2023-27881 json | A user could use the “Upload Resource” functionality to upload files to any location on the disk. | 9.9 - CRITICAL | 2023-06-07 | 2023-06-16 |
| CVE-2023-24476 json | An attacker with local access to the machine could record the traffic, which could allow them to resend requests without th... | 3.3 - LOW | 2023-06-07 | 2023-06-15 |