Lucene search

[email protected]NVD:CVE-2023-46217

HistoryDec 19, 2023 - 4:15 p.m.

CVE-2023-46217

2023-12-1916:15:09

CWE-787

[email protected]

web.nvd.nist.gov

cve-2023-46217

denial of service

code execution

mobile device server

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

48.9%

JSON

An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.

Affected configurations

NVD

Node

ivantiavalancheRange<6.4.2premise

AND

microsoftwindowsMatch-

References

download.wavelink.com/Files/avalanche_v6.4.2_release_notes.txt

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

48.9%

JSON

Related for NVD:CVE-2023-46217

cve1 prion1 cvelist1 nessus1