CVE-2022-30551

Опубликовано: 20 мая 2022

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

OPC UA Legacy Java Stack 2022-04-01 allows a remote attacker to cause a server to stop processing messages by sending crafted messages that exhaust available resources.

Ссылки

https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2022-30551.pdf
Patch
Vendor Advisory
https://github.com/OPCFoundation/UA-Java-Legacy
Product
Third Party Advisory
https://opcfoundation.org
Vendor Advisory
https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2022-30551.pdf
Patch
Vendor Advisory
https://github.com/OPCFoundation/UA-Java-Legacy
Product
Third Party Advisory
https://opcfoundation.org
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:opcfoundation:ua-java:2022-04-01:*:*:*:*:*:*:*

EPSS

Процентиль: 78%

0.01099

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-400

Связанные уязвимости

GHSA-fm58-52q7-gpvg