Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-24613

Опубликовано: 03 фев. 2023
Источник: nvd
CVSS3: 4.9
EPSS Низкий

Описание

The user interface of Array Networks AG Series and vxAG through 9.4.0.470 could allow a remote attacker to use the gdb tool to overwrite the backend function call stack after accessing the system with administrator privileges. A successful exploit could leverage this vulnerability in the backend binary file that handles the user interface to a cause denial of service attack. This is fixed in AG 9.4.0.481.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:arraynetworks:arrayos_ag:*:*:*:*:*:*:*:*
Версия до 9.4.0.470 (включая)

Одно из

cpe:2.3:h:arraynetworks:ag1000:-:*:*:*:*:*:*:*
cpe:2.3:h:arraynetworks:ag1000t:-:*:*:*:*:*:*:*
cpe:2.3:h:arraynetworks:ag1000v5:-:*:*:*:*:*:*:*
cpe:2.3:h:arraynetworks:ag1100v5:-:*:*:*:*:*:*:*
cpe:2.3:h:arraynetworks:ag1150:-:*:*:*:*:*:*:*
cpe:2.3:h:arraynetworks:ag1200:-:*:*:*:*:*:*:*
cpe:2.3:h:arraynetworks:ag1200v5:-:*:*:*:*:*:*:*
cpe:2.3:h:arraynetworks:ag1500:-:*:*:*:*:*:*:*
cpe:2.3:h:arraynetworks:ag1500fips:-:*:*:*:*:*:*:*
cpe:2.3:h:arraynetworks:ag1500v5:-:*:*:*:*:*:*:*
cpe:2.3:h:arraynetworks:ag1600:-:*:*:*:*:*:*:*
cpe:2.3:h:arraynetworks:ag1600v5:-:*:*:*:*:*:*:*
cpe:2.3:h:arraynetworks:vxag:-:*:*:*:*:*:*:*

EPSS

Процентиль: 70%
0.00621
Низкий

4.9 Medium

CVSS3

Дефекты

CWE-787
CWE-787

Связанные уязвимости

github логотип

GHSA-h4g9-6mgj-wrmj

CVSS3: 4.9
github
около 3 лет назад

The user interface of Array Networks AG Series and vxAG through 9.4.0.470 could allow a remote attacker to use the gdb tool to overwrite the backend function call stack after accessing the system with administrator privileges. A successful exploit could leverage this vulnerability in the backend binary file that handles the user interface to a cause denial of service attack. This is fixed in AG 9.4.0.481.

EPSS

Процентиль: 70%
0.00621
Низкий

4.9 Medium

CVSS3

Дефекты

CWE-787
CWE-787