CVE-2023-41779

Опубликовано: 03 янв. 2024

Источник: nvd

CVSS3: 4.4

CVSS3: 5.5

EPSS Низкий

Описание

There is an illegal memory access vulnerability of ZTE's ZXCLOUD iRAI product.When the vulnerability is exploited by an attacker with the common user permission, the physical machine will be crashed.

Ссылки

https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034404
Vendor Advisory
https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034404
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:zte:zxcloud_irai:*:*:*:*:*:*:*:*

Версия до 7.23.32 (исключая)

cpe:2.3:a:zte:zxcloud_irai:-:*:*:*:*:*:*:*

EPSS

Процентиль: 6%

0.00023

Низкий

4.4 Medium

CVSS3

5.5 Medium

CVSS3

Дефекты

CWE-119

CWE-863

Связанные уязвимости

GHSA-69j8-7w6h-7f9w

CVSS3: 4.4

github

около 2 лет назад

There is an illegal memory access vulnerability of ZTE's ZXCLOUD iRAI product.When the vulnerability is exploited by an attacker with the common user permission, the physical machine will be crashed.

EPSS

Процентиль: 6%

0.00023

Низкий

4.4 Medium

CVSS3

5.5 Medium

CVSS3

Дефекты

CWE-119

CWE-863