7.5
CVE-2023-3261
- EPSS 0.19%
- Veröffentlicht 14.08.2023 04:15:10
- Zuletzt bearbeitet 21.11.2024 08:16:49
- Quelle trellixpsirt@trellix.com
- CVE-Watchlists
- Unerledigt
LoginThe Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier contains a buffer overflow vulnerability in the librta.so.0.0.0 library.Successful exploitation could cause denial of service or unexpected behavior with respect to all interactions relying on the targeted vulnerable binary, including the ability to log in via the web server.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cyberpower ≫ Powerpanel Server SwEditionenterprise Version < 2.6.9
Dataprobe ≫ Iboot-pdu4a-c10 Firmware Version < 1.44.0804202
Dataprobe ≫ Iboot-pdu4a-c20 Firmware Version < 1.44.0804202
Dataprobe ≫ Iboot-pdu4a-n15 Firmware Version < 1.44.0804202
Dataprobe ≫ Iboot-pdu4a-n20 Firmware Version < 1.44.0804202
Dataprobe ≫ Iboot-pdu4-c20 Firmware Version < 1.44.0804202
Dataprobe ≫ Iboot-pdu4-n20 Firmware Version < 1.44.0804202
Dataprobe ≫ Iboot-pdu4sa-c10 Firmware Version < 1.44.0804202
Dataprobe ≫ Iboot-pdu4sa-c20 Firmware Version < 1.44.0804202
Dataprobe ≫ Iboot-pdu4sa-n15 Firmware Version < 1.44.0804202
Dataprobe ≫ Iboot-pdu4sa-n20 Firmware Version < 1.44.0804202
Dataprobe ≫ Iboot-pdu8a-2c10 Firmware Version < 1.44.0804202
Dataprobe ≫ Iboot-pdu8a-2c20 Firmware Version < 1.44.0804202
Dataprobe ≫ Iboot-pdu8a-2n15 Firmware Version < 1.44.0804202
Dataprobe ≫ Iboot-pdu8a-2n20 Firmware Version < 1.44.0804202
Dataprobe ≫ Iboot-pdu8a-c10 Firmware Version < 1.44.0804202
Dataprobe ≫ Iboot-pdu8a-c20 Firmware Version < 1.44.0804202
Dataprobe ≫ Iboot-pdu8a-n15 Firmware Version < 1.44.0804202
Dataprobe ≫ Iboot-pdu8a-n20 Firmware Version < 1.44.0804202
Dataprobe ≫ Iboot-pdu8sa-2n15 Firmware Version < 1.44.0804202
Dataprobe ≫ Iboot-pdu8sa-c10 Firmware Version < 1.44.0804202
Dataprobe ≫ Iboot-pdu8sa-n15 Firmware Version < 1.44.0804202
Dataprobe ≫ Iboot-pdu8sa-n20 Firmware Version < 1.44.0804202
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.19% | 0.416 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 1.2 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
| trellixpsirt@trellix.com | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.