Lucene search
TalosCVELIST:CVE-2023-23571HistoryJul 06, 2023 - 2:53 p.m.
CVE-2023-23571
2023-07-0614:53:34
CWE-126
talos
www.cve.org
4
milesight ur32l
access violation
vulnerability
denial of service
network request
eventcore functionality
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
27.1%
An access violation vulnerability exists in the eventcore functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to denial of service. An attacker can send a network request to trigger this vulnerability.
CNA Affected
[
{
"vendor": "Milesight",
"product": "UR32L",
"versions": [
{
"version": "v32.3.0.5",
"status": "affected"
}
]
}
]Related
vulnrichment
vulnrichment
CVE-2023-23571
2023-07-06 14:53:34
talos
talos
Milesight UR32L eventcore access violation vulnerability
2023-07-06 00:00:00
prion
prion
Design/Logic Flaw
2023-07-06 15:15:00
nvd
nvd
CVE-2023-23571
2023-07-06 15:15:11
cnvd
cnvd
Milesight UR32L eventcore function access control error vulnerability
2023-07-10 00:00:00
cve
cve
CVE-2023-23571
2023-07-06 15:15:11
talosblog
talosblog
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
27.1%
Related for CVELIST:CVE-2023-23571