Lucene search

[email protected]NVD:CVE-2023-0411

HistoryJan 26, 2023 - 9:18 p.m.

CVE-2023-0411

2023-01-2621:18:07

CWE-834

[email protected]

web.nvd.nist.gov

wireshark

excessive loops

denial of service

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.1%

JSON

Excessive loops in multiple dissectors in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file

Affected configurations

NVD

Node

wiresharkwiresharkRange3.6.0–3.6.10

wiresharkwiresharkRange4.0.0–4.0.2

References

gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0411.json

gitlab.com/wireshark/wireshark/-/issues/18711

gitlab.com/wireshark/wireshark/-/issues/18720

gitlab.com/wireshark/wireshark/-/issues/18737

lists.debian.org/debian-lts-announce/2023/02/msg00007.html

www.wireshark.org/security/wnpa-sec-2023-06.html

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.1%

JSON

Related for NVD:CVE-2023-0411

alpinelinux1 prion1 osv2 cvelist1 redhatcve1 veracode1 ubuntucve1 debiancve1 cve1 nessus11 debian1 openvas3 kaspersky1 rosalinux1 photon1