Lucene search

[email protected]CVE-2023-34924

HistoryJun 26, 2023 - 9:15 p.m.

CVE-2023-34924

2023-06-2621:15:09

CWE-787

[email protected]

web.nvd.nist.gov

h3c

magic

b1stw

b1stv100r012

stack overflow

vulnerability

dos

post request

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.0005 Low

EPSS

Percentile

17.1%

JSON

H3C Magic B1STW B1STV100R012 was discovered to contain a stack overflow via the function SetAPInfoById. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Affected configurations

NVD

Node

h3cmagic_b1stw_firmwareMatchb1stv100r012

AND

h3cmagic_b1stwMatch-

CPENameOperatorVersion
h3c:magic_b1stw_firmwareh3c magic b1stw firmwareeqb1stv100r012

CPE	Name	Operator	Version
h3c:magic_b1stw_firmware	h3c magic b1stw firmware	eq	b1stv100r012

References

github.com/ChrisL0tus/CVE-2023-34924

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.0005 Low

EPSS

Percentile

17.1%

JSON

Related for CVE-2023-34924

nvd1 cvelist1 prion1