CVE-2024-9043

EPSS 0.06%
Veröffentlicht 20.09.2024 11:15:13
Zuletzt bearbeitet 25.09.2024 17:54:05
Quelle twcert@cert.org.tw
CVE-Watchlists
Login
Unerledigt
Login

Secure Email Gateway from Cellopoint has Buffer Overflow Vulnerability in authentication process. Remote unauthenticated attackers can send crafted packets to crash the process, thereby bypassing authentication and obtaining system administrator privileges.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 2 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cellopoint ≫ Secure Email Gateway Version >= 4.2.1 <= 4.5.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.184

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
twcert@cert.org.tw	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-121 Stack-based Buffer Overflow

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://www.twcert.org.tw/en/cp-139-8103-b0568-2.html

Third Party Advisory

https://www.twcert.org.tw/tw/cp-132-8102-b94a9-1.html

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-9043

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-9043

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-9043

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2024-9043