exploitDog

GHSA-3727-x5w3-xwrr

Опубликовано: 12 дек. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.2

Описание

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The radius configuration mechanism of affected products does not correctly check uploaded certificates. A malicious admin could upload a crafted certificate resulting in a denial-of-service condition or potentially issue commands on system level.

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The radius configuration mechanism of affected products does not correctly check uploaded certificates. A malicious admin could upload a crafted certificate resulting in a denial-of-service condition or potentially issue commands on system level.

Ссылки

EPSS

Процентиль: 21%

0.00067

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-78

Связанные уязвимости

CVE-2023-48428

CVSS3: 7.2

nvd

около 2 лет назад

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The radius configuration mechanism of affected products does not correctly check uploaded certificates. A malicious admin could upload a crafted certificate resulting in a denial-of-service condition or potentially issue commands on system level.

EPSS

Процентиль: 21%

0.00067

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-78