Описание
Open5GS before 2.7.1 is vulnerable to a reachable assertion that can cause an AMF crash via NAS messages from a UE: gmm_state_authentication in amf/gmm-sm.c for != OGS_ERROR.
Ссылки
- Release NotesVendor Advisory
- Issue TrackingVendor Advisory
- Release NotesVendor Advisory
- Issue TrackingVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.7.1 (исключая)
cpe:2.3:a:open5gs:open5gs:*:*:*:*:*:*:*:*
EPSS
Процентиль: 43%
0.00207
Низкий
7.5 High
CVSS3
Дефекты
CWE-617
Связанные уязвимости
CVSS3: 7.5
debian
почти 2 года назад
Open5GS before 2.7.1 is vulnerable to a reachable assertion that can c ...
CVSS3: 7.5
github
почти 2 года назад
Open5GS before 2.7.1 is vulnerable to a reachable assertion that can cause an AMF crash via NAS messages from a UE: gmm_state_authentication in amf/gmm-sm.c for != OGS_ERROR.
EPSS
Процентиль: 43%
0.00207
Низкий
7.5 High
CVSS3
Дефекты
CWE-617