Lucene search

K

[email protected]NVD:CVE-2023-22435

HistoryJul 13, 2023 - 11:15 a.m.

CVE-2023-22435

2023-07-1311:15:08

CWE-697

CWE-787

[email protected]

web.nvd.nist.gov

experion server

dos

cve-2023-22435

stack overflow

specially crafted message

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

22.8%

Experion server may experience a DoS due to a stack overflow when handling a specially crafted message.

Affected configurations

NVD

Node

honeywellexperion_serverRange501.1–501.6hf8

OR

honeywellexperion_serverRange510.1–510.2hf12

OR

honeywellexperion_serverRange511.1–511.5tcu3

OR

honeywellexperion_serverRange520.1–520.1tcu4

OR

honeywellexperion_serverRange520.2–520.2tcu2

Node

honeywellexperion_stationRange501.1–501.6hf8

OR

honeywellexperion_stationRange510.1–510.2hf12

OR

honeywellexperion_stationRange511.1–511.5tcu3

OR

honeywellexperion_stationRange520.1–520.1tcu4

OR

honeywellexperion_stationRange520.2–520.2tcu2

Node

honeywellengineering_stationRange510.1–511.5tcu3

OR

honeywellengineering_stationRange520.1–520.1tcu4

OR

honeywellengineering_stationRange520.2–520.2tcu2

Node

honeywelldirect_stationRange510.1–511.5tcu3

OR

honeywelldirect_stationRange520.1–520.1tcu4

OR

honeywelldirect_stationRange520.2–520.2tcu2

References

process.honeywell.com

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

22.8%

Related for NVD:CVE-2023-22435

prion1 cvelist1 cve1 ics1