Описание
A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP Initial UE Message packet missing an expected EUTRAN_CGI field.
Ссылки
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.8.0 (включая)
cpe:2.3:a:linuxfoundation:magma:*:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.00154
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-476
CWE-476
Связанные уязвимости
CVSS3: 6.5
github
около 1 года назад
A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `Initial UE Message` packet missing an expected `EUTRAN_CGI` field.
EPSS
Процентиль: 36%
0.00154
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-476
CWE-476