QMS Automotive < V12.39 Sensitive Info Disclosure Exposing DB Access
CVE-2023-40726 Published on September 12, 2023
A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected application server responds with sensitive information about the server. This could allow an attacker to directly access the database.
Weakness Type
Server-generated Error Message Containing Sensitive Information
Certain conditions, such as network failure, will cause a server error message to be displayed. While error messages in and of themselves are not dangerous, per se, it is what an attacker can glean from them that might cause eventual problems.
Products Associated with CVE-2023-40726
Want to know whenever a new CVE is published for Siemens Qms Automotive? stack.watch will email you.
Affected Versions
Siemens QMS Automotive Version All versions < V12.39 is affected by CVE-2023-40726Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.