CVE-2021-44108

Опубликовано: 05 апр. 2022

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

A null pointer dereference in src/amf/namf-handler.c in Open5GS 2.3.6 and earlier allows remote attackers to Denial of Service via a crafted sbi request to amf.

Ссылки

https://github.com/open5gs/open5gs/commit/d919b2744cd05abae043490f0a3dd1946c1ccb8c
Patch
Third Party Advisory
https://github.com/open5gs/open5gs/issues/1247
Exploit
Issue Tracking
Third Party Advisory
https://github.com/open5gs/open5gs/commit/d919b2744cd05abae043490f0a3dd1946c1ccb8c
Patch
Third Party Advisory
https://github.com/open5gs/open5gs/issues/1247
Exploit
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:open5gs:open5gs:*:*:*:*:*:*:*:*

Версия до 2.3.6 (включая)

EPSS

Процентиль: 68%

0.00561

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-476

Связанные уязвимости

CVE-2021-44108

CVSS3: 7.5

debian

почти 4 года назад

A null pointer dereference in src/amf/namf-handler.c in Open5GS 2.3.6 ...

GHSA-w96w-f34f-w457

CVSS3: 7.5

github

почти 4 года назад

A null pointer dereference in src/amf/namf-handler.c in Open5GS 2.3.6 and earlier allows remote attackers to Denial of Service via a crafted sbi request to amf.

EPSS

Процентиль: 68%

0.00561

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-476