Lucene search

MitreCVE-2023-34931

HistoryJun 28, 2023 - 2:15 p.m.

CVE-2023-34931

2023-06-2814:15:09

CWE-787

mitre

web.nvd.nist.gov

cve-2023-34931

stack overflow

editwlanmaclist

h3c magic

dos

post request

nvd

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

38.1%

JSON

A stack overflow in the EditWlanMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Affected configurations

Nvd

Node

h3cmagic_b1st_firmwareMatch100r012

AND

h3cmagic_b1stMatch-

VendorProductVersionCPE
h3cmagic_b1st_firmware100r012cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*
h3cmagic_b1st-cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
h3c	magic_b1st_firmware	100r012	cpe:2.3:o:h3c:magic_b1st_firmware:100r012:::::::*
h3c	magic_b1st	-	cpe:2.3:h:h3c:magic_b1st:-:::::::*

References

github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34931.md

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

38.1%

JSON

Related for CVE-2023-34931