Lucene search

[email protected]NVD:CVE-2022-47525

HistoryMay 31, 2023 - 12:15 a.m.

CVE-2022-47525

2023-05-3100:15:09

CWE-369

[email protected]

web.nvd.nist.gov

fox-it datadiode

3.4.3

divide-by-zero

vulnerability

denial-of-service

remote attacker

packet parser

exploitation

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.003 Low

EPSS

Percentile

65.3%

JSON

Fox-IT DataDiode (aka Fox DataDiode) 3.4.3 suffers from a Divide-by-Zero vulnerability in the packet parser. A remote attacker could leverage this vulnerability to cause a denial-of-service. Exploitation of this issue does not require user interaction.

Affected configurations

NVD

Node

fox-itfox_datadiodeMatch-

AND

fox-itfox_datadiode_firmwareMatch3.4.3

References

www.fox-it.com/nl-en/fox-crypto/fox-datadiode/

www.fox-it.com/nl-en/software-vulnerability-report/

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.003 Low

EPSS

Percentile

65.3%

JSON

Related for NVD:CVE-2022-47525

prion1 cvelist1 cve1