Lucene search

[email protected]NVD:CVE-2024-40130

HistoryJul 16, 2024 - 7:15 p.m.

CVE-2024-40130

2024-07-1619:15:12

CWE-120

CWE-787

[email protected]

web.nvd.nist.gov

open5gs buffer overflow vulnerability

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

38.0%

JSON

open5gs v2.6.4 is vulnerable to Buffer Overflow. via /lib/core/abts.c.

Affected configurations

Nvd

Node

open5gsopen5gsMatch2.6.4

VendorProductVersionCPE
open5gsopen5gs2.6.4cpe:2.3:a:open5gs:open5gs:2.6.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
open5gs	open5gs	2.6.4	cpe:2.3:a:open5gs:open5gs:2.6.4:::::::*

References

github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008

github.com/open5gs/open5gs/issues/2577

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

38.0%

JSON

Related for NVD:CVE-2024-40130

cvelist1 vulnrichment1 cve1 osv1