Lucene search
ApacheCVE-2023-30575HistoryJun 07, 2023 - 9:15 a.m.
CVE-2023-30575
2023-06-0709:15:09
CWE-131
apache
web.nvd.nist.gov
27
cve-2023-30575
apache guacamole
security vulnerability
protocol handshake
data injection
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
0.002
Percentile
60.2%
Apache Guacamole 1.5.1 and older may incorrectly calculate the lengths of instruction elements sent during the Guacamole protocol handshake, potentially allowing an attacker to inject Guacamole instructions during the handshake through specially-crafted data.
Affected configurations
Node
apacheguacamoleRange<1.5.2
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Apache Guacamole",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
]Related
cvelist
cvelist
osv
osv
BIT-guacamole-2023-30575
2024-03-06 10:53:11
CGA-2xq6-prqr-jcf7
2024-06-06 12:21:43
BIT-guacamole-server-2023-30575
2024-03-06 10:53:14
nvd
nvd
CVE-2023-30575
2023-06-07 09:15:09
prion
prion
Code injection
2023-06-07 09:15:00
ubuntucve
ubuntucve
CVE-2023-30575
2023-06-07 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
0.002
Percentile
60.2%
Related for CVE-2023-30575