CVE-2026-9695
CRITICAL
9.8
CVSS 3.1
Description
An Improper Authentication vulnerability affecting DELMIA Apriso from Release 2020 through Release 2026 could allow an attacker to gain privileged access to the server.
Metadata
Severity & Metrics
9.8
CRITICAL CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
SSVC — CISA Coordinator
Affected products (1)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| Dassault Systèmes | DELMIA Apriso | — | Release 2020 Golden ≤ Release 2020 SP4, Release 2021 Golden ≤ Release 2021 SP3, Release 2022 Golden ≤ Release 2022 SP4, Release 2023 Golden ≤ Release 2023 SP3 … |
Weakness (CWE)
| CWE | Source | Description |
|---|---|---|
| CWE-287 | cna | CWE-287 Improper Authentication |
CVSS scores (1)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 9.8 | CRITICAL | 3.1 | cna | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |