Lucene search
HistoryJul 06, 2023 - 3:15 p.m.
CVE-2023-23571
access violation
denial of service
milesight ur32l v32.3.0.5
eventcore functionality
network request
cve-2023-23571
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
27.1%
An access violation vulnerability exists in the eventcore functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to denial of service. An attacker can send a network request to trigger this vulnerability.
Affected configurations
Node
milesightur32lMatch-
milesightur32l_firmwareMatch32.3.0.5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| milesight | ur32l | - | cpe:2.3:h:milesight:ur32l:-:*:*:*:*:*:*:* |
| milesight | ur32l_firmware | 32.3.0.5 | cpe:2.3:o:milesight:ur32l_firmware:32.3.0.5:*:*:*:*:*:*:* |
Related
vulnrichment
vulnrichment
CVE-2023-23571
2023-07-06 14:53:34
talos
talos
Milesight UR32L eventcore access violation vulnerability
2023-07-06 00:00:00
prion
prion
Design/Logic Flaw
2023-07-06 15:15:00
cnvd
cnvd
Milesight UR32L eventcore function access control error vulnerability
2023-07-10 00:00:00
cvelist
cvelist
CVE-2023-23571
2023-07-06 14:53:34
cve
cve
CVE-2023-23571
2023-07-06 15:15:11
talosblog
talosblog
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
27.1%
Related for NVD:CVE-2023-23571