Mar 15, 2023 - 11:15 p.m.

CVE-2023-28098

2023-03-15 23:15:09
CWE-20
web.nvd.nist.gov
opensips
sip server
cve-2023-28098
security vulnerability
bug fix
nvd

CVSS3: 7.5 High

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score: 7.4 High
Confidence: High

EPSS: 0.001 Low
Percentile: 34.0%

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.7 and 3.2.4, a specially crafted Authorization header causes OpenSIPS to crash or behave in an unexpected way due to a bug in the function parse_param_name(). This issue was discovered while performing coverage guided fuzzing of the function parse_msg. The AddressSanitizer identified that the issue occurred in the function q_memchr() which is being called by the function parse_param_name(). This issue may cause erratic program behaviour or a server crash. It affects configurations containing functions that make use of the affected code, such as the function www_authorize(). Versions 3.1.7 and 3.2.4 contain a fix.

Affected configurations

Vendor: opensips, Product: opensips, Range: < 3.1.7
OR
Vendor: opensips, Product: opensips, Range: 3.2.0 to 3.2.4

Vendor: opensips, Product: opensips, Version: *, CPE: cpe:2.3:a:opensips:opensips:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "vendor": "OpenSIPS",
    "product": "opensips",
    "versions": [
      {
        "version": "< 3.1.7",
        "status": "affected"
      },
      {
        "version": ">= 3.2.0, < 3.2.4",
        "status": "affected"
      }
    ]
  }
]
