Lucene search
K

8 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/11/15 2:39 p.m.55 views

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus are vulnerable to a denial of service due to Eclipse Mosquitto.

Summary The built-in MQTT pub/sub broker in IBM App Connect Enterprise and IBM Integration Bus is vulnerable to a denial of service due to Eclipse Mosquitto. CVE-2023-5632 Vulnerability Details CVEID: CVE-2023-5632 DESCRIPTION: Eclipse Mosquitto is vulnerable to a denial of service, caused by a...

7.5CVSS6.9AI score0.00689EPSS
Exploits0Affected Software2
OSV
OSV
added 2023/10/28 11:6 a.m.4 views

OESA-2023-1774 mosquitto security update

Mosquitto is an open source message broker that implements the MQ Telemetry Transport protocol version 3.1 and 3.1.1 MQTT provides a lightweight method of carrying out messaging using a publish/subscribe model. This makes it suitable for "machine to machine" messaging such as with low power senso...

7.5CVSS6.5AI score0.00689EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2023/10/18 7:44 p.m.25 views

CVE-2023-5632

A denial of service vulnerability was found in Eclipse Mosquitto. Establishing a connection to the Mosquitto server without sending data could lead to excessive CPU consumption and a denial of service...

6.5CVSS7AI score0.00689EPSS
Exploits0References5
NVD
NVD
added 2023/10/18 9:15 a.m.21 views

CVE-2023-5632

In Eclipse Mosquito before and including 2.0.5, establishing a connection to the mosquitto server without sending data causes the EPOLLOUT event to be added, which results excessive CPU consumption. This could be used by a malicious actor to perform denial of service type attack. This issue is...

7.5CVSS7.1AI score0.00689EPSS
Exploits0References2
OSV
OSV
added 2023/10/18 9:15 a.m.3 views

BELL-CVE-2023-5632 CVE-2023-5632 does not affect BellSoft software

Bulletin has no description...

7.5CVSS5.8AI score0.00689EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/18 8:34 a.m.12 views

CVE-2023-5632 Unconditionally adding an event to the epoll causes excessive CPU consumption

In Eclipse Mosquito before and including 2.0.5, establishing a connection to the mosquitto server without sending data causes the EPOLLOUT event to be added, which results excessive CPU consumption. This could be used by a malicious actor to perform denial of service type attack. This issue is...

7.5CVSS6.8AI score0.00689EPSS
Exploits0References2
CVE
CVE
added 2023/10/18 8:34 a.m.72 views

CVE-2023-5632

Eclipse Mosquitto contains a denial-of-service issue (CVE-2023-5632): when establishing a connection to the broker without sending data, an EPOLLOUT event is added, causing excessive CPU usage. Affected versions are Mosquitto before and including 2.0.5; the issue is fixed in 2.0.6. Several feeds ...

7.5CVSS7.1AI score0.00689EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/10/18 8:34 a.m.21 views

CVE-2023-5632 Unconditionally adding an event to the epoll causes excessive CPU consumption

In Eclipse Mosquito before and including 2.0.5, establishing a connection to the mosquitto server without sending data causes the EPOLLOUT event to be added, which results excessive CPU consumption. This could be used by a malicious actor to perform denial of service type attack. This issue is...

7.5CVSS7.3AI score0.00689EPSS
Exploits0References2
Rows per page
Query Builder