Security Advisory

CVE-2023-47261

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-12-14 00:00:00

Last updated 2024-08-02 21:09:36

Assigner mitre

State PUBLISHED

Description

Dokmee ECM 7.4.6 allows remote code execution because the response to a GettingStarted/SaveSQLConnectionAsync /#/gettingstarted request contains a connection string for privileged SQL Server database access, and xp_cmdshell can be enabled.

← Browse all CVEs View on cve.org ↗