CVE-2023-1997 – OS Command Injection vulnerability affecting SIMULIA 3DOrchestrate from Release 3DEXPERIENCE R2021x through Release 3DEXPERIENCE R2023x

https://notcve.org/view.php?id=CVE-2023-1997

An OS Command Injection vulnerability exists in SIMULIA 3DOrchestrate from Release 3DEXPERIENCE R2021x through Release 3DEXPERIENCE R2023x. A specially crafted HTTP request can lead to arbitrary command execution. • https://www.3ds.com/vulnerability/advisories • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •