CVE-2023-47615

MEDIUM Year: 2023
CVSS v3 Score
5.5
Medium
Weakness Type
CWE-526
View all →

Vulnerability Description

A CWE-526: Exposure of Sensitive Information Through Environmental Variables vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to get access to a sensitive data on the targeted system.

Related Vulnerabilities

CVE-2024-11736

MEDIUM
CVSS:4.9(Medium)

A vulnerability was found in Keycloak. Admin users may have to access sensitive server environment variables and system properties through user-configurable URLs. When configuring backchannel logout U...

CWE-5262024

CVE-2024-12604

MEDIUM
CVSS:6.5(Medium)

Cleartext Storage of Sensitive Information in an Environment Variable, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Tapandsign Technologies Tap&Sign App allows Password Rec...

CWE-5262024

CVE-2025-0985

MEDIUM
CVSS:6.5(Medium)

IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD stores potentially sensitive information in environment variables that could be obtained by a local user.

CWE-5262025

CVE-2023-35931

MEDIUM
CVSS:4.3(Medium)

Shescape is a simple shell escape library for JavaScript. An attacker may be able to get read-only access to environment variables. This bug has been patched in version 1.7.1.

CWE-5262023

CVE-2024-4369

MEDIUM
CVSS:6.8(Medium)

An information disclosure flaw was found in OpenShift's internal image registry operator. The AZURE_CLIENT_SECRET can be exposed through an environment variable defined in the pod definition, but is l...

CWE-5262024

CVE-2024-2700

HIGH
CVSS:7.0(High)

A vulnerability was found in the quarkus-core component. Quarkus captures local environment variables from the Quarkus namespace during the application's build, therefore, running the resulting applic...

CWE-5262024