Lucene search

[email protected]CVE-2023-4882

HistoryOct 03, 2023 - 3:15 p.m.

CVE-2023-4882

2023-10-0315:15:40

CWE-404

[email protected]

web.nvd.nist.gov

cve-2023-4882

dos vulnerability

vnf

virtual network function

service crash

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.4 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.0%

JSON

DOS vulnerability that could allow an attacker to register a new VNF (Virtual Network Function) value. This action could trigger the args_assets() function defined in the arg-log.php file, which would then execute the args-abort.c file, causing the service to crash.

Affected configurations

Vulners

NVD

Node

open5gsopen5gsRange≤2.4.10 and prior

VendorProductVersionCPE
open5gsopen5gs*cpe:2.3:a:open5gs:open5gs:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
open5gs	open5gs	*	cpe:2.3:a:open5gs:open5gs::::::::

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Open5GS",
    "vendor": "Open5GS",
    "versions": [
      {
        "status": "affected",
        "version": "2.4.10 and prior"
      }
    ]
  }
]

References

www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-open5gs

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.4 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.0%

JSON

Related for CVE-2023-4882

prion1 cvelist1 nvd1