7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.6 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
65.9%
iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field.
seclists.org/fulldisclosure/2023/Oct/24
seclists.org/fulldisclosure/2023/Oct/26
bugs.debian.org/1040830
cwe.mitre.org/data/definitions/130.html
downloads.es.net/pub/iperf/esnet-secadv-2023-0001.txt.asc
github.com/esnet/iperf/commit/0ef151550d96cc4460f98832df84b4a1e87c65e9
github.com/esnet/iperf/issues/1542
lists.debian.org/debian-lts-announce/2023/07/msg00025.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BV6EBWWF4PEQKROEVXGYSTIT2MGBTLU7/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M25Z5FHTO3XWMGP37JHJ7IIIHSGCLKEV/
security.netapp.com/advisory/ntap-20230818-0016/
support.apple.com/kb/HT213984
support.apple.com/kb/HT213985
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.6 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
65.9%