TeoSOFT Software CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

CRITICAL TeoSOFT Software CVE published 2024-03-27

CVE-2023-6153

CVE-2023-6153 is a critical authentication bypass issue affecting TeoSOFT Software TeoBASE. The supplied CVE description says the issue affects TeoBASE through 20240327 and notes that the vendor was contacted early but did not respond. Given the CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), this should be treated as a remotely reachable, unauthenticated access-control failure with potentially sev [truncated]

CRITICAL TeoSOFT Software CVE published 2024-03-27

CVE-2023-6173

CVE-2023-6173 is a critical SQL injection issue affecting TeoSOFT Software TeoBASE, with the affected range described as through 27032024. Because the flaw is categorized as CWE-89 and rated CVSS 9.8, defenders should treat this as an urgent application-layer database exposure until systems are verified remediated or isolated.