Lucene search
SynologyCVE-2023-5748HistoryNov 07, 2023 - 4:24 a.m.
CVE-2023-5748
2023-11-0704:24:19
CWE-120
synology
web.nvd.nist.gov
18
cve-2023-5748
buffer overflow
synology
ssl vpn client
nvd
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
5.3
Confidence
High
EPSS
0
Percentile
5.1%
Buffer copy without checking size of input (‘Classic Buffer Overflow’) vulnerability in cgi component in Synology SSL VPN Client before 1.4.7-0687 allows local users to conduct denial-of-service attacks via unspecified vectors.
Affected configurations
Node
synologyssl_vpn_clientRange<1.4.7-0687
| Vendor | Product | Version | CPE |
|---|---|---|---|
| synology | ssl_vpn_client | * | cpe:2.3:a:synology:ssl_vpn_client:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Synology",
"product": "Synology SSL VPN Client",
"versions": [
{
"version": "*",
"status": "affected",
"lessThan": "1.4.7-0687",
"versionType": "semver"
}
],
"defaultStatus": "affected"
}
]Related
prion
prion
Buffer overflow
2023-11-07 04:24:00
vulnrichment
vulnrichment
CVE-2023-5748
2023-10-24 10:26:59
nvd
nvd
CVE-2023-5748
2023-11-07 04:24:19
cvelist
cvelist
CVE-2023-5748
2023-10-24 10:26:59
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
5.3
Confidence
High
EPSS
0
Percentile
5.1%
Related for CVE-2023-5748