CVE-2023-32275

Опубликовано: 12 окт. 2023

Источник: nvd

CVSS3: 5.5

CVSS3: 4.4

EPSS Низкий

Описание

An information disclosure vulnerability exists in the CtEnumCa() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. Specially crafted network packets can lead to a disclosure of sensitive information. An attacker can send packets to trigger this vulnerability.

Ссылки

https://talosintelligence.com/vulnerability_reports/TALOS-2023-1753
Exploit
Third Party Advisory
https://www.softether.org/9-about/News/904-SEVPN202301
Vendor Advisory
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1753
Exploit
Third Party Advisory
https://www.softether.org/9-about/News/904-SEVPN202301
Vendor Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1753

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:softether:vpn:4.41-9782:beta:*:*:*:*:*:*

cpe:2.3:a:softether:vpn:5.01.9674:*:*:*:*:*:*:*

EPSS

Процентиль: 19%

0.00058

Низкий

5.5 Medium

CVSS3

4.4 Medium

CVSS3

Дефекты

CWE-201

CWE-668

Связанные уязвимости

GHSA-4g94-rrhw-h5fw

CVSS3: 5.5

github

больше 2 лет назад

EPSS

Процентиль: 19%

0.00058

Низкий

5.5 Medium

CVSS3

4.4 Medium

CVSS3

Дефекты

CWE-201

CWE-668