CVE-2024-23911

2024-04-1510:46:29

jpcert

www.cve.org

vulnerability

out-of-bounds read

cente middleware

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

Out-of-bounds read vulnerability caused by improper checking of the option length values in IPv6 NDP packets exists in Cente middleware TCP/IP Network Series, which may allow an unauthenticated attacker to stop the device operations by sending a specially crafted packet.

CNA Affected

[
  {
    "vendor": "DMG MORI Digital Co., LTD. and NEXT Co., Ltd.",
    "product": "Cente IPv6",
    "versions": [
      {
        "version": "Ver.1.51 and earlier",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "DMG MORI Digital Co., LTD. and NEXT Co., Ltd.",
    "product": "Cente IPv6 SNMPv2",
    "versions": [
      {
        "version": "Ver.2.30 and earlier",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "DMG MORI Digital Co., LTD. and NEXT Co., Ltd.",
    "product": "Cente IPv6 SNMPv3",
    "versions": [
      {
        "version": "Ver.2.30 and earlier",
        "status": "affected"
      }
    ]
  }
]

References

jvn.jp/en/vu/JVNVU94016877/

www.cente.jp/obstacle/4960/