Lucene search

K
kasperskyKaspersky LabKLA61758
HistoryOct 04, 2023 - 12:00 a.m.

KLA61758 OSI vulnerability in Wireshark

2023-10-0400:00:00
Kaspersky Lab
threats.kaspersky.com
13
wireshark
vulnerability
osi

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

6.5

Confidence

High

EPSS

0.001

Percentile

45.4%

Information disclosure vulnerability was found in Wireshark. Malicious users can exploit this vulnerability to obtain sensitive information.

Original advisories

Wireshark • wnpa-sec-2023-27 RTPS dissector memory leak

Related products

Wireshark

CVE list

CVE-2023-5371 high

Solution

Update to the latest version

Download Wireshark

Impacts

  • OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

  • DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

Affected Products

  • Wireshark 3.6.x earlier than 3.6.17Wireshark 4.0.x earlier than 4.0.9

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

6.5

Confidence

High

EPSS

0.001

Percentile

45.4%