CVE-2023-38131

2023-11-1419:15:28

CWE-20

[email protected]

web.nvd.nist.gov

cve-2023-38131

denial of service

network access

authentication

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

Percentile

13.3%

JSON

Improper input validationation for some Intel Unison software may allow an authenticated user to potentially enable denial of service via network access.

Affected configurations

Nvd

Node

intelunison_softwareRange<20.14.5683.0

AND

microsoftwindowsMatch-

Node

intelunison_softwareRange<20.14.4244

AND

googleandroidMatch-

Node

intelunison_softwareRange<20.14.2.3053

AND

appleiphone_osMatch-

VendorProductVersionCPE
intelunison_software*cpe:2.3:a:intel:unison_software:*:*:*:*:*:*:*:*
microsoftwindows-cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
googleandroid-cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
appleiphone_os-cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
intel	unison_software	*	cpe:2.3:a:intel:unison_software::::::::
microsoft	windows	-	cpe:2.3:o:microsoft:windows:-:::::::*
google	android	-	cpe:2.3:o:google:android:-:::::::*
apple	iphone_os	-	cpe:2.3:o:apple:iphone_os:-:::::::*