CVE-2023-3589
Published: Oct 9, 2023
Modified: Sep 19, 2024
CVSS v3.1
6.8
Description
A Cross-Site Request Forgery (CSRF) vulnerability affecting Teamwork Cloud from No Magic Release 2021x through No Magic Release 2022x could allow with some very specific conditions an attacker to send a specifically crafted query to the server.
| Vendor | Product | Versions |
|---|---|---|
Dassault Systèmes | Teamwork Cloud - Business Edition | affected No Magic Release 2021x Golden - <= No Magic Release 2021x Refresh2affected No Magic Release 2022x Golden - <= No Magic Release 2022x Refresh2 |
Dassault Systèmes | Teamwork Cloud - Enterprise Edition | affected No Magic Release 2021x Golden - <= No Magic Release 2021x Refresh2affected No Magic Release 2022x Golden - <= No Magic Release 2022x Refresh2 |
Dassault Systèmes | Teamwork Cloud - Business Pro Edition | affected No Magic Release 2021x Golden - <= No Magic Release 2021x Refresh2affected No Magic Release 2022x Golden - <= No Magic Release 2022x Refresh2 |
Dassault Systèmes | Teamwork Cloud - Standard Edition | affected No Magic Release 2021x Golden - <= No Magic Release 2021x Refresh2affected No Magic Release 2022x Golden - <= No Magic Release 2022x Refresh2 |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now