Lucene search

[email protected]CVE-2023-1981

HistoryMay 26, 2023 - 6:15 p.m.

CVE-2023-1981

2023-05-2618:15:11

CWE-400

[email protected]

web.nvd.nist.gov

119

vulnerability

avahi library

cve-2023-1981

nvd

security

dbus

crash

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.1 Medium

AI Score

Confidence

High

1.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON

A vulnerability was found in the avahi library. This flaw allows an unprivileged user to make a dbus call, causing the avahi daemon to crash.

VendorProductVersionCPE
avahiavahi*cpe:2.3:a:avahi:avahi:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
avahi	avahi	*	cpe:2.3:a:avahi:avahi::::::::

References

access.redhat.com/security/cve/CVE-2023-1981

bugzilla.redhat.com/show_bug.cgi?id=2185911

github.com/lathiat/avahi/issues/375

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.1 Medium

AI Score

Confidence

High

1.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2023-1981

nessus28 oraclelinux2 alpinelinux1 openvas18 osv7 almalinux2 debian1 redos1 fedora1 mageia1 rocky1 redhatcve1 prion1 ubuntucve1 amazon1 redhat9 debiancve1 ubuntu2 veracode1 ibm2 hp1