9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
35.7%
scheme/webauthn.c in Glewlwyd SSO server before 2.7.6 has a possible buffer
overflow during FIDO2 credentials validation in webauthn registration.
github.com/babelouest/glewlwyd/commit/f9d8c06aae8dfe17e761b18b577ff169e059e812
github.com/babelouest/glewlwyd/commit/f9d8c06aae8dfe17e761b18b577ff169e059e812 (v2.7.6)
github.com/babelouest/glewlwyd/releases/tag/v2.7.6
launchpad.net/bugs/cve/CVE-2023-49208
nvd.nist.gov/vuln/detail/CVE-2023-49208
security-tracker.debian.org/tracker/CVE-2023-49208
www.cve.org/CVERecord?id=CVE-2023-49208
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
35.7%