Lucene search

[email protected]CVE-2023-33980

HistoryMay 24, 2023 - 6:15 p.m.

CVE-2023-33980

2023-05-2418:15:10

CWE-400

[email protected]

web.nvd.nist.gov

cve-2023-33980

bramble synchronisation protocol

bsp

briar

dos

denial of service

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.3 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0 Low

EPSS

Percentile

14.0%

JSON

Bramble Synchronisation Protocol (BSP) in Briar before 1.4.22 allows attackers to cause a denial of service (repeated application crashes) via a series of long messages to a contact.

CPENameOperatorVersion
briarproject:briarbriarproject briarlt1.4.22
briarproject:briarbriarproject briareq1.0.11
briarproject:briarbriarproject briareq1.0.10
briarproject:briarbriarproject briareq1.2.9
briarproject:briarbriarproject briareq1.4.10
briarproject:briarbriarproject briareq1.2.19
briarproject:briarbriarproject briareq1.1.4
briarproject:briarbriarproject briareq1.4.8
briarproject:briarbriarproject briareq1.2.17
briarproject:briarbriarproject briareq1.0.9

CPE	Name	Operator	Version
briarproject:briar	briarproject briar	lt	1.4.22
briarproject:briar	briarproject briar	eq	1.0.11
briarproject:briar	briarproject briar	eq	1.0.10
briarproject:briar	briarproject briar	eq	1.2.9
briarproject:briar	briarproject briar	eq	1.4.10
briarproject:briar	briarproject briar	eq	1.2.19
briarproject:briar	briarproject briar	eq	1.1.4
briarproject:briar	briarproject briar	eq	1.4.8
briarproject:briar	briarproject briar	eq	1.2.17
briarproject:briar	briarproject briar	eq	1.0.9

Rows per page:

1-10 of 661

References

briarproject.org/news/2023-three-security-issues-found-and-fixed/

ethz.ch/content/dam/ethz/special-interest/infk/inst-infsec/appliedcrypto/education/theses/report_YuanmingSong.pdf

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.3 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0 Low

EPSS

Percentile

14.0%

JSON

Related for CVE-2023-33980

prion1