Lucene search

ASRCVELIST:CVE-2023-49700

HistoryNov 30, 2023 - 7:12 a.m.

CVE-2023-49700 Buffer Copy Without Checking size of input in IMS

2023-11-3007:12:51

CWE-120

ASR

www.cve.org

cve-2023-49700

security best practices

buffer copy

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L

0.0005 Low

EPSS

Percentile

18.0%

JSON

Security best practices violations, a string operation in Streamingmedia will write past the end of fixed-size destination buffer if the source buffer is too large.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Linux"
    ],
    "product": "Falcon",
    "vendor": "ASR",
    "versions": [
      {
        "lessThan": "CP01.057.063",
        "status": "unaffected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

References

www.asrmicro.com/en/goods/psirt?cid=31

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L

0.0005 Low

EPSS

Percentile

18.0%

JSON

Related for CVELIST:CVE-2023-49700