Lucene search

[email protected]NVD:CVE-2023-24294

HistoryNov 29, 2023 - 1:15 a.m.

CVE-2023-24294

2023-11-2901:15:07

CWE-120

[email protected]

web.nvd.nist.gov

vulnerability

zumtobel

netlink ccd onboard

buffer overflow

firmware

cve-2023-24294

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

17.0%

JSON

Zumtobel Netlink CCD Onboard v3.74 - Firmware v3.80 was discovered to contain a buffer overflow via the component NetlinkWeb::Information::SetDeviceIdentification.

Affected configurations

Nvd

Node

zumtobelnetlink_ccdMatch3.74

AND

zumtobelnetlink_ccd_firmwareMatch3.80

VendorProductVersionCPE
zumtobelnetlink_ccd3.74cpe:2.3:h:zumtobel:netlink_ccd:3.74:*:*:*:*:*:*:*
zumtobelnetlink_ccd_firmware3.80cpe:2.3:o:zumtobel:netlink_ccd_firmware:3.80:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
zumtobel	netlink_ccd	3.74	cpe:2.3:h:zumtobel:netlink_ccd:3.74:::::::*
zumtobel	netlink_ccd_firmware	3.80	cpe:2.3:o:zumtobel:netlink_ccd_firmware:3.80:::::::*

References

zumtobel.com

yoroi.company/en/research/cve-advisory-partial-disclosure-zumtobel-multiple-vulnerabilities/

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

17.0%

JSON

Related for NVD:CVE-2023-24294

cvelist1 cve1 prion1