Lucene search
INCIBECVE-2022-48474HistorySep 12, 2023 - 8:15 a.m.
CVE-2022-48474
2023-09-1208:15:13
CWE-400
INCIBE
web.nvd.nist.gov
9
cve-2022-48474
control de ciber
denial of service
vulnerability
improper input validation
CVSS3
8.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
EPSS
0.001
Percentile
34.3%
Control de Ciber, in its 1.650 version, is affected by a Denial of Service condition through the version function. Sending a malicious request could cause the server to check if an unrecognized component is up to date, causing a memory failure error that shuts down the process.
Affected configurations
Node
cbmcontrol_de_ciberMatch1.650
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cbm | control_de_ciber | 1.650 | cpe:2.3:a:cbm:control_de_ciber:1.650:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Control de Ciber",
"vendor": "Control de Ciber",
"versions": [
{
"status": "affected",
"version": "v1.650"
}
]
}
]Related
prion
prion
Design/Logic Flaw
2023-09-12 08:15:00
nvd
nvd
CVE-2022-48474
2023-09-12 08:15:13
cvelist
cvelist
CVE-2022-48474
2023-09-12 07:26:27
vulnrichment
vulnrichment
CVE-2022-48474
2023-09-12 07:26:27
githubexploit
githubexploit
Exploit for Uncontrolled Resource Consumption in Cbm Control De Ciber
2023-04-19 12:27:52
CVSS3
8.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
EPSS
0.001
Percentile
34.3%
Related for CVE-2022-48474