Browse all 5 CVE security advisories affecting DEXMA. AI-powered Chinese analysis, POCs, and references for each vulnerability.
DEXMA provides energy management software for monitoring and optimizing building energy consumption. Historically, the platform has been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. These weaknesses often stem from insufficient input validation and improper access controls. While no major public security incidents have been widely reported, the five documented CVEs highlight persistent security concerns in web application components and API endpoints. The software's exposure to internet-facing environments increases potential attack surfaces, particularly for unpatched instances. Organizations implementing DEXMA should prioritize timely updates and harden configurations against common web application threats.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-42666 | Exposure of Sensitive Information to an Unauthorized Actor in DEXMA DEXGate — DexGateCWE-200 | 5.3 | Medium | 2023-10-19 |
| CVE-2023-42435 | Cross-Site Request Forgery in DEXMA DEXGate — DexGateCWE-352 | 5.5 | Medium | 2023-10-19 |
| CVE-2023-41089 | Improper Authentication in DEXMA DEXGate — DexGateCWE-287 | 8.0 | High | 2023-10-19 |
| CVE-2023-41088 | Cleartext Transmission of Sensitive Information in DEXMA DEXGate — DexGateCWE-319 | 6.3 | Medium | 2023-10-19 |
| CVE-2023-40153 | Cross-site Scripting in DEXMA DEXGate — DexGateCWE-79 | 5.4 | Medium | 2023-10-19 |
This page lists every published CVE security advisory associated with DEXMA. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.