Описание
The CODESYS Gateway Server V2 does not verifiy that the size of a request is within expected limits. An unauthenticated attacker may allocate an arbitrary amount of memory, which may lead to a crash of the Gateway due to an out-of-memory condition.
Уязвимые конфигурации
Конфигурация 1Версия от 2.0 (включая) до 2.3.9.38 (исключая)
cpe:2.3:a:codesys:gateway:*:*:*:*:*:*:*:*
EPSS
Процентиль: 63%
0.00446
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-789
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
The CODESYS Gateway Server V2 does not verifiy that the size of a request is within expected limits. An unauthenticated attacker may allocate an arbitrary amount of memory, which may lead to a crash of the Gateway due to an out-of-memory condition.
EPSS
Процентиль: 63%
0.00446
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-789