{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-11T10:20:47.225","vulnerabilities":[{"cve":{"id":"CVE-2023-48373","sourceIdentifier":"twcert@cert.org.tw","published":"2023-12-15T05:15:08.153","lastModified":"2024-11-21T08:31:35.477","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ITPison OMICARD EDM has a path traversal vulnerability within its parameter “FileName” in a specific function. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files."},{"lang":"es","value":"ITPison OMICARD EDM tiene una vulnerabilidad de path traversal dentro de su parámetro “FileName” en una función específica. Un atacante remoto no autenticado puede aprovechar esta vulnerabilidad para eludir la autenticación y descargar archivos arbitrarios del sistema."}],"metrics":{"cvssMetricV31":[{"source":"twcert@cert.org.tw","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"twcert@cert.org.tw","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:itpison:omicard_edm:6.0.1.5:*:*:*:*:*:*:*","matchCriteriaId":"E0E83A71-074E-41B5-908A-3A227F4DB884"}]}]}],"references":[{"url":"https://www.twcert.org.tw/tw/cp-132-7592-998bf-1.html","source":"twcert@cert.org.tw","tags":["Third Party Advisory"]},{"url":"https://www.twcert.org.tw/tw/cp-132-7592-998bf-1.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}