Описание
An unchecked read in NTP server in github.com/cloudflare/cfnts prior to commit 783490b https://github.com/cloudflare/cfnts/commit/783490b913f05e508a492cd7b02e3c4ec2297b71 enabled a remote attacker to trigger a panic by sending an NTSAuthenticator packet with extension length longer than the packet contents.
Ссылки
- PatchThird Party Advisory
- PatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2023-06-01 (исключая)
cpe:2.3:a:cloudflare:cfnts:*:*:*:*:*:rust:*:*
EPSS
Процентиль: 64%
0.0047
Низкий
8.6 High
CVSS3
7.5 High
CVSS3
Дефекты
CWE-119
CWE-125
EPSS
Процентиль: 64%
0.0047
Низкий
8.6 High
CVSS3
7.5 High
CVSS3
Дефекты
CWE-119
CWE-125