Lucene search

[email protected]NVD:CVE-2023-29912

HistoryApr 21, 2023 - 3:15 p.m.

CVE-2023-29912

2023-04-2115:15:07

CWE-787

[email protected]

web.nvd.nist.gov

h3c magic r200

stack overflow

delvslist interface

CVSS3

4.9

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

32.5%

JSON

H3C Magic R200 R200V100R004 was discovered to contain a stack overflow via the DelvsList interface at /goform/aspForm.

Affected configurations

Nvd

Node

h3cmagic_r200_firmwareMatchr200v100r004

AND

h3cmagic_r200_firmwareMatch-

VendorProductVersionCPE
h3cmagic_r200_firmwarer200v100r004cpe:2.3:o:h3c:magic_r200_firmware:r200v100r004:*:*:*:*:*:*:*
h3cmagic_r200_firmware-cpe:2.3:o:h3c:magic_r200_firmware:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
h3c	magic_r200_firmware	r200v100r004	cpe:2.3:o:h3c:magic_r200_firmware:r200v100r004:::::::*
h3c	magic_r200_firmware	-	cpe:2.3:o:h3c:magic_r200_firmware:-:::::::*

References

hackmd.io/%400dayResearch/S1TusiR1n

CVSS3

4.9

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

32.5%

JSON

Related for NVD:CVE-2023-29912

cve1 prion1 cvelist1