Lucene search

[email protected]NVD:CVE-2023-47347

HistoryNov 15, 2023 - 10:15 p.m.

CVE-2023-47347

2023-11-1522:15:27

CWE-120

[email protected]

web.nvd.nist.gov

buffer overflow

free5gc

denial of service

pfcp messages

sequence number

crafted messages

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.0005 Low

EPSS

Percentile

17.1%

JSON

Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cause a denial of service via crafted PFCP messages whose Sequence Number is mutated to overflow bytes.

Affected configurations

NVD

Node

free5gcfree5gcMatch3.3.0

References

github.com/free5gc/free5gc/issues/496

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.0005 Low

EPSS

Percentile

17.1%

JSON

Related for NVD:CVE-2023-47347

osv1 cve1 cvelist1 prion1