Lucene search

[email protected]NVD:CVE-2023-37605

HistoryOct 02, 2023 - 7:15 p.m.

CVE-2023-37605

2023-10-0219:15:10

CWE-755

[email protected]

web.nvd.nist.gov

exception handling

vulnerability

baramundi software

emm agent

denial of service

crafted request

password parameter

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.5

Confidence

High

EPSS

Percentile

9.0%

JSON

Weak Exception Handling vulnerability in baramundi software GmbH EMM Agent 23.1.50 and before allows an attacker to cause a denial of service via a crafted request to the password parameter.

Affected configurations

Nvd

Node

baramundienterprise_mobility_managementRange≤23.1.50

VendorProductVersionCPE
baramundienterprise_mobility_management*cpe:2.3:a:baramundi:enterprise_mobility_management:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
baramundi	enterprise_mobility_management	*	cpe:2.3:a:baramundi:enterprise_mobility_management::::::::

References

medium.com/%40david_42/complex-password-vs-buffer-overflow-and-the-winner-is-decbc56db5e3

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.5

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for NVD:CVE-2023-37605

cvelist1 prion1 cve1