Lucene search

[email protected]NVD:CVE-2023-0411

HistoryJan 26, 2023 - 9:18 p.m.

CVE-2023-0411

2023-01-2621:18:07

CWE-834

[email protected]

web.nvd.nist.gov

wireshark

excessive loops

denial of service

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

6.6

Confidence

High

EPSS

0.001

Percentile

42.3%

JSON

Excessive loops in multiple dissectors in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file

Affected configurations

Nvd

Node

wiresharkwiresharkRange3.6.0–3.6.10

wiresharkwiresharkRange4.0.0–4.0.2

VendorProductVersionCPE
wiresharkwireshark*cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
wireshark	wireshark	*	cpe:2.3:a:wireshark:wireshark::::::::

References

gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0411.json

gitlab.com/wireshark/wireshark/-/issues/18711

gitlab.com/wireshark/wireshark/-/issues/18720

gitlab.com/wireshark/wireshark/-/issues/18737

lists.debian.org/debian-lts-announce/2023/02/msg00007.html

www.wireshark.org/security/wnpa-sec-2023-06.html

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

6.6

Confidence

High

EPSS

0.001

Percentile

42.3%

JSON

Related for NVD:CVE-2023-0411

cve1 debiancve1 ubuntucve1 redhatcve1 veracode1 alpinelinux1 osv2 prion1 cvelist1 nessus12 debian1 openvas3 kaspersky1 rosalinux1 photon1