CVE-2023-27410

Опубликовано: 09 мая 2023

Источник: nvd

CVSS3: 2.7

EPSS Низкий

Описание

A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A heap-based buffer overflow vulnerability was found in the edgebox_web_app binary. The binary will crash if supplied with a backup password longer than 255 characters. This could allow an authenticated privileged attacker to cause a denial of service.

Ссылки

https://cert-portal.siemens.com/productcert/pdf/ssa-325383.pdf
Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-325383.pdf
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:siemens:scalance_lpe9403_firmware:*:*:*:*:*:*:*:*

Версия до 2.1 (исключая)

cpe:2.3:h:siemens:scalance_lpe9403:-:*:*:*:*:*:*:*

EPSS

Процентиль: 28%

0.00099

Низкий

2.7 Low

CVSS3

Дефекты

CWE-122

Связанные уязвимости

GHSA-5589-g6gq-7gfx