CVE-2023-5515 MEDIUM

CVE-2023-5515

Vendor Hitachi Energy

Product eSOMS

Weakness CWE-200 · Info exposure

Published November 1, 2023

Last update February 27, 2025

View on NVD All CVEs

CVSS base score

5.3/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction None

Confidentiality Low

Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

The responses for web queries with certain parameters disclose internal path of resources. This information can be used to learn internal structure of the application and to further plot attacks against web servers and deployed web applications.

Key dates

02Disclosure timeline

November 1, 2023 CVE published

February 27, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-5515

Related vulnerabilities

04Related CVE

CVE-2014-125102 Bestwebsoft Relevant Plugin Thumbnail information disclosure CVE-2026-27892 FacturaScripts: Unstripped Image Metadata (EXIF) Leakage via Library Module File Upload/Download CVE-2024-37307 Cilium leaks sensitive information in cilium-bugtool CVE-2024-34696 GeoServer's Server Status shows sensitive environmental variables and Java properties CVE-2026-40159 PraisonAI Exposes Sensitive Environment Variable via Untrusted MCP Subprocess Execution