Описание
The NHI card’s web service component has a heap-based buffer overflow vulnerability due to insufficient validation for packet origin parameter length. A LAN attacker with general user privilege can exploit this vulnerability to disrupt service.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:a:nhi:health_insurance_web_service_component:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
EPSS
Процентиль: 15%
0.00047
Низкий
5.5 Medium
CVSS3
Дефекты
CWE-787
CWE-770
Связанные уязвимости
CVSS3: 5.5
github
больше 3 лет назад
The NHI card’s web service component has a heap-based buffer overflow vulnerability due to insufficient validation for packet origin parameter length. A LAN attacker with general user privilege can exploit this vulnerability to disrupt service.
EPSS
Процентиль: 15%
0.00047
Низкий
5.5 Medium
CVSS3
Дефекты
CWE-787
CWE-770