Lucene search

MitreCVE-2023-37605

HistoryOct 02, 2023 - 7:15 p.m.

CVE-2023-37605

2023-10-0219:15:10

CWE-755

mitre

web.nvd.nist.gov

vulnerability

baramundi software

emm agent

denial of service

crafted request

cve-2023-37605

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

7.3

Confidence

High

EPSS

Percentile

9.0%

JSON

Weak Exception Handling vulnerability in baramundi software GmbH EMM Agent 23.1.50 and before allows an attacker to cause a denial of service via a crafted request to the password parameter.

Affected configurations

Nvd

Node

baramundienterprise_mobility_managementRange≤23.1.50

VendorProductVersionCPE
baramundienterprise_mobility_management*cpe:2.3:a:baramundi:enterprise_mobility_management:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
baramundi	enterprise_mobility_management	*	cpe:2.3:a:baramundi:enterprise_mobility_management::::::::

References

medium.com/%40david_42/complex-password-vs-buffer-overflow-and-the-winner-is-decbc56db5e3

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

7.3

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for CVE-2023-37605