Lucene search

[email protected]CVE-2023-33630

HistoryMay 31, 2023 - 9:15 p.m.

CVE-2023-33630

2023-05-3121:15:09

CWE-787

[email protected]

web.nvd.nist.gov

cve-2023-33630

h3c

magic r300

stack overflow

editvslist interface

security vulnerability

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

40.4%

JSON

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the EditvsList interface at /goform/aspForm.

Affected configurations

NVD

Node

h3cmagic_r300-2100m_firmwareMatchr300-2100mv100r004

AND

h3cmagic_r300-2100mMatch-

CPENameOperatorVersion
h3c:magic_r300-2100m_firmwareh3c magic r300-2100m firmwareeqr300-2100mv100r004

CPE	Name	Operator	Version
h3c:magic_r300-2100m_firmware	h3c magic r300-2100m firmware	eq	r300-2100mv100r004

References

hackmd.io/%400dayResearch/HkUA31-Mh

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

40.4%

JSON

Related for CVE-2023-33630

nvd1 cvelist1 prion1 cnvd1