31 matches found
EUVD-2017-15764
Malware in sbrugna...
CVE-2022-35503
Improper verification of a user input in Open Source MANO v7-v12 allows an authenticated attacker to execute arbitrary code within the LCM module container via a Virtual Network Function VNF descriptor. An attacker may be able execute code to change the normal execution of the OSM components,...
CVE-2022-35503
Improper verification of a user input in Open Source MANO v7-v12 allows an authenticated attacker to execute arbitrary code within the LCM module container via a Virtual Network Function VNF descriptor. An attacker may be able execute code to change the normal execution of the OSM components,...
CVE-2023-4883
Invalid pointer release vulnerability. Exploitation of this vulnerability could allow an attacker to interrupt the correct operation of the service by sending a specially crafted json string to the VNF Virtual Network Function, and triggering the ogssbimessagefree function, which could cause a...
CVE-2023-4885
Man in the Middle vulnerability, which could allow an attacker to intercept VNF Virtual Network Function communications resulting in the exposure of sensitive information...
Design/Logic Flaw
Invalid pointer release vulnerability. Exploitation of this vulnerability could allow an attacker to interrupt the correct operation of the service by sending a specially crafted json string to the VNF Virtual Network Function, and triggering the ogssbimessagefree function, which could cause a...
Code injection
DOS vulnerability that could allow an attacker to register a new VNF Virtual Network Function value. This action could trigger the argsassets function defined in the arg-log.php file, which would then execute the args-abort.c file, causing the service to crash...
Information disclosure
Man in the Middle vulnerability, which could allow an attacker to intercept VNF Virtual Network Function communications resulting in the exposure of sensitive information...
CVE-2023-4885 Multiple vulnerabilities in Open5GS
Man in the Middle vulnerability, which could allow an attacker to intercept VNF Virtual Network Function communications resulting in the exposure of sensitive information...
CVE-2023-4885
Technical details for CVE-2023-4885 are not publicly available in the provided documents. Monitor for updates from vendors and security advisories.
CVE-2023-4885 Multiple vulnerabilities in Open5GS
Man in the Middle vulnerability, which could allow an attacker to intercept VNF Virtual Network Function communications resulting in the exposure of sensitive information...
CVE-2023-4883 Multiple vulnerabilities in Open5GS
Invalid pointer release vulnerability. Exploitation of this vulnerability could allow an attacker to interrupt the correct operation of the service by sending a specially crafted json string to the VNF Virtual Network Function, and triggering the ogssbimessagefree function, which could cause a...
CVE-2023-4883 Multiple vulnerabilities in Open5GS
Invalid pointer release vulnerability. Exploitation of this vulnerability could allow an attacker to interrupt the correct operation of the service by sending a specially crafted json string to the VNF Virtual Network Function, and triggering the ogssbimessagefree function, which could cause a...
CVE-2023-4883
Summary: CVE-2023-4883 is an invalid pointer release vulnerability in Open5GS (Open5GS Open5GS v2.x) involving the ogs_sbi_message_free function. Affected software/components: Open5GS (Open5GS implementation of 5G core/EPC); versions 2.4.10 and earlier are affected per CNVD/NVD entries. Root caus...
CVE-2023-4882
CVE-2023-4882 is a Denial of Service issue in Open5GS where an attacker can register a new VNF value, triggering the args_assets() function in arg-log.php to execute args-abort.c and crash the service. Red Hat and other sources corroborate the issue; no explicit exploit details or vulnerable vers...
CVE-2023-4882 Multiple vulnerabilities in Open5GS
DOS vulnerability that could allow an attacker to register a new VNF Virtual Network Function value. This action could trigger the argsassets function defined in the arg-log.php file, which would then execute the args-abort.c file, causing the service to crash...
CVE-2023-4882 Multiple vulnerabilities in Open5GS
DOS vulnerability that could allow an attacker to register a new VNF Virtual Network Function value. This action could trigger the argsassets function defined in the arg-log.php file, which would then execute the args-abort.c file, causing the service to crash...
PT-2023-30967 · Open5Gs · Open5Gs
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A DOS vulnerability could allow an attacker to register a new VNF Virtual Network Function value. This action could trigger the args assets function...
CVE-2020-1614
A Use of Hard-coded Credentials vulnerability exists in the NFX250 Series for the vSRX Virtual Network Function VNF instance, which allows an attacker to take control of the vSRX VNF instance if they have the ability to access an administrative service e.g. SSH on the VNF, either locally, or...
CVE-2020-1614
A Use of Hard-coded Credentials vulnerability exists in the NFX250 Series for the vSRX Virtual Network Function VNF instance, which allows an attacker to take control of the vSRX VNF instance if they have the ability to access an administrative service e.g. SSH on the VNF, either locally, or...