Lucene search

K
redhatcveRedhat.comRH:CVE-2023-0809
HistoryDec 12, 2023 - 9:54 p.m.

CVE-2023-0809

2023-12-1221:54:32
redhat.com
access.redhat.com
8
eclipse mosquitto
memory leak
cve-2023-0809
vulnerability
remote attacker
denial of service

CVSS3

5.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

AI Score

5.9

Confidence

High

EPSS

0

Percentile

13.2%

A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.

CVSS3

5.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

AI Score

5.9

Confidence

High

EPSS

0

Percentile

13.2%