Common Weakness Enumeration

CWE-755

Discouraged

Improper Handling of Exceptional Conditions

Abstraction: Class · Status: Incomplete

The product does not handle or incorrectly handles an exceptional condition.

685 vulnerabilities reference this CWE, most recent first.

CVE-2024-0108 (GCVE-0-2024-0108)

Vulnerability from cvelistv5 – Published: 2024-08-08 16:18 – Updated: 2024-08-09 15:48
VLAI
Summary
NVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. A successful exploit of this vulnerability may lead to denial of service, code execution, and escalation of privileges.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-755 - Improper Handling of Exceptional Conditions
Assigner
Impacted products
Vendor Product Version
NVIDIA NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson TX1, Jetson Nano series Affected: All versions prior to and including 32.7.4
Create a notification for this product.
nvidia jetson_agx_xavier Affected: 0 , ≤ 32.7.4 (custom)
    cpe:2.3:a:nvidia:jetson_agx_xavier:*:*:*:*:*:*:*:*
Create a notification for this product.
nvidia jetson_xavier_nx Affected: 0 , ≤ 32.7.4 (custom)
    cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*
Create a notification for this product.
nvidia jetson_tx2 Affected: 0 , ≤ 32.7.4 (custom)
    cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*
Create a notification for this product.
nvidia jetson_tx2_nx Affected: 0 , ≤ 32.7.4 (custom)
    cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*
Create a notification for this product.
nvidia jetson_tx1 Affected: 0 , ≤ 32.7.4 (custom)
    cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*
Create a notification for this product.
nvidia jetson_nano Affected: 0 , ≤ 32.7.4 (custom)
    cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:nvidia:jetson_agx_xavier:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "jetson_agx_xavier",
            "vendor": "nvidia",
            "versions": [
              {
                "lessThanOrEqual": "32.7.4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "jetson_xavier_nx",
            "vendor": "nvidia",
            "versions": [
              {
                "lessThanOrEqual": "32.7.4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "jetson_tx2",
            "vendor": "nvidia",
            "versions": [
              {
                "lessThanOrEqual": "32.7.4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "jetson_tx2_nx",
            "vendor": "nvidia",
            "versions": [
              {
                "lessThanOrEqual": "32.7.4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "jetson_tx1",
            "vendor": "nvidia",
            "versions": [
              {
                "lessThanOrEqual": "32.7.4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "jetson_nano",
            "vendor": "nvidia",
            "versions": [
              {
                "lessThanOrEqual": "32.7.4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-0108",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-09T15:37:53.668854Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-09T15:48:50.071Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Jetson Linux"
          ],
          "product": "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson TX1, Jetson Nano series",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "All versions prior to and including 32.7.4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. A successful exploit of this vulnerability may lead to denial of service, code execution, and escalation of privileges.\u003c/span\u003e"
            }
          ],
          "value": "NVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. A successful exploit of this vulnerability may lead to denial of service, code execution, and escalation of privileges."
        }
      ],
      "impacts": [
        {
          "descriptions": [
            {
              "lang": "en",
              "value": "Denial of service, code execution, escalation of privileges"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-755",
              "description": "CWE-755 Improper Handling of Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-08T16:18:27.914Z",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5555"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2024-0108",
    "datePublished": "2024-08-08T16:18:27.914Z",
    "dateReserved": "2023-12-02T00:42:18.437Z",
    "dateUpdated": "2024-08-09T15:48:50.071Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-52075 (GCVE-0-2023-52075)

Vulnerability from cvelistv5 – Published: 2023-12-27 19:49 – Updated: 2024-09-09 17:58
VLAI
Title
ReVanced API vulnerable to Denial of Service due to lack of error caching
Summary
ReVanced API proxies requests needed to feed the ReVanced Manager and website with data. Up to and including commit 71f81f7f20cd26fd707335bca9838fa3e7df20d2, ReVanced API lacks error caching causing rate limit to be triggered thus increasing server load. This causes a denial of service for all users using the API. It is recommended to implement proper error caching.
SSVC
Exploitation: poc Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-755 - Improper Handling of Exceptional Conditions
Assigner
References
Impacted products
Vendor Product Version
ReVanced revanced-api Affected: <= 71f81f7f20cd26fd707335bca9838fa3e7df20d2
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T22:48:12.150Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/ReVanced/revanced-api/security/advisories/GHSA-852x-grxp-8p3q",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ReVanced/revanced-api/security/advisories/GHSA-852x-grxp-8p3q"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52075",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-04T18:20:58.204547Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-09T17:58:49.149Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "revanced-api",
          "vendor": "ReVanced",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= 71f81f7f20cd26fd707335bca9838fa3e7df20d2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ReVanced API proxies requests needed to feed the ReVanced Manager and website with data. Up to and including commit 71f81f7f20cd26fd707335bca9838fa3e7df20d2, ReVanced API lacks error caching causing rate limit to be triggered thus increasing server load. This causes a denial of service for all users using the API.  It is recommended to implement proper error caching.\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-755",
              "description": "CWE-755: Improper Handling of Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-27T19:49:39.515Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/ReVanced/revanced-api/security/advisories/GHSA-852x-grxp-8p3q",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ReVanced/revanced-api/security/advisories/GHSA-852x-grxp-8p3q"
        }
      ],
      "source": {
        "advisory": "GHSA-852x-grxp-8p3q",
        "discovery": "UNKNOWN"
      },
      "title": "ReVanced API vulnerable to Denial of Service due to lack of error caching"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-52075",
    "datePublished": "2023-12-27T19:49:39.515Z",
    "dateReserved": "2023-12-26T12:53:20.669Z",
    "dateUpdated": "2024-09-09T17:58:49.149Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-50728 (GCVE-0-2023-50728)

Vulnerability from cvelistv5 – Published: 2023-12-15 21:59 – Updated: 2024-08-02 22:16
VLAI
Title
Unauthenticated Denial of Service in the octokit/webhooks library
Summary
octokit/webhooks is a GitHub webhook events toolset for Node.js. Starting in 9.26.0 and prior to 9.26.3, 10.9.2, 11.1.2, and 12.0.4, there is a problem caused by an issue with error handling in the @octokit/webhooks library because the error can be undefined in some cases. The resulting request was found to cause an uncaught exception that ends the nodejs process. The bug is fixed in octokit/webhooks.js 9.26.3, 10.9.2, 11.1.2, and 12.0.4, app.js 14.02, octokit.js 3.1.2, and Protobot 12.3.3.
CWE
  • CWE-755 - Improper Handling of Exceptional Conditions
Assigner
Impacted products
Vendor Product Version
octokit webhooks.js Affected: >= 9.26.0, < 9.26.3
Affected: >= 10.9.0, < 10.9.2
Affected: >= 11.1.0, < 11.1.2
Affected: >= 12.0.0, < 12.0.4
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T22:16:47.284Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/octokit/webhooks.js/security/advisories/GHSA-pwfr-8pq7-x9qv",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/octokit/webhooks.js/security/advisories/GHSA-pwfr-8pq7-x9qv"
          },
          {
            "name": "https://github.com/octokit/app.js/releases/tag/v14.0.2",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/octokit/app.js/releases/tag/v14.0.2"
          },
          {
            "name": "https://github.com/octokit/octokit.js/releases/tag/v3.1.2",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/octokit/octokit.js/releases/tag/v3.1.2"
          },
          {
            "name": "https://github.com/octokit/webhooks.js/releases/tag/v10.9.2",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/octokit/webhooks.js/releases/tag/v10.9.2"
          },
          {
            "name": "https://github.com/octokit/webhooks.js/releases/tag/v11.1.2",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/octokit/webhooks.js/releases/tag/v11.1.2"
          },
          {
            "name": "https://github.com/octokit/webhooks.js/releases/tag/v12.0.4",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/octokit/webhooks.js/releases/tag/v12.0.4"
          },
          {
            "name": "https://github.com/octokit/webhooks.js/releases/tag/v9.26.3",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/octokit/webhooks.js/releases/tag/v9.26.3"
          },
          {
            "name": "https://github.com/probot/probot/releases/tag/v12.3.3",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/probot/probot/releases/tag/v12.3.3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "webhooks.js",
          "vendor": "octokit",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 9.26.0, \u003c 9.26.3"
            },
            {
              "status": "affected",
              "version": "\u003e= 10.9.0, \u003c 10.9.2"
            },
            {
              "status": "affected",
              "version": "\u003e= 11.1.0, \u003c 11.1.2"
            },
            {
              "status": "affected",
              "version": "\u003e= 12.0.0, \u003c 12.0.4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "octokit/webhooks is a GitHub webhook events toolset for Node.js. Starting in 9.26.0 and prior to 9.26.3, 10.9.2, 11.1.2, and 12.0.4, there is a problem caused by an issue with error handling in the @octokit/webhooks library because the error can be undefined in some cases. The resulting request was found to cause an uncaught exception that ends the nodejs process.  The bug is fixed in octokit/webhooks.js 9.26.3, 10.9.2, 11.1.2, and 12.0.4, app.js 14.02, octokit.js 3.1.2, and Protobot 12.3.3."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-755",
              "description": "CWE-755: Improper Handling of Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-15T21:59:00.312Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/octokit/webhooks.js/security/advisories/GHSA-pwfr-8pq7-x9qv",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/octokit/webhooks.js/security/advisories/GHSA-pwfr-8pq7-x9qv"
        },
        {
          "name": "https://github.com/octokit/app.js/releases/tag/v14.0.2",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/octokit/app.js/releases/tag/v14.0.2"
        },
        {
          "name": "https://github.com/octokit/octokit.js/releases/tag/v3.1.2",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/octokit/octokit.js/releases/tag/v3.1.2"
        },
        {
          "name": "https://github.com/octokit/webhooks.js/releases/tag/v10.9.2",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/octokit/webhooks.js/releases/tag/v10.9.2"
        },
        {
          "name": "https://github.com/octokit/webhooks.js/releases/tag/v11.1.2",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/octokit/webhooks.js/releases/tag/v11.1.2"
        },
        {
          "name": "https://github.com/octokit/webhooks.js/releases/tag/v12.0.4",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/octokit/webhooks.js/releases/tag/v12.0.4"
        },
        {
          "name": "https://github.com/octokit/webhooks.js/releases/tag/v9.26.3",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/octokit/webhooks.js/releases/tag/v9.26.3"
        },
        {
          "name": "https://github.com/probot/probot/releases/tag/v12.3.3",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/probot/probot/releases/tag/v12.3.3"
        }
      ],
      "source": {
        "advisory": "GHSA-pwfr-8pq7-x9qv",
        "discovery": "UNKNOWN"
      },
      "title": "Unauthenticated Denial of Service in the octokit/webhooks library"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-50728",
    "datePublished": "2023-12-15T21:59:00.312Z",
    "dateReserved": "2023-12-11T17:53:36.032Z",
    "dateUpdated": "2024-08-02T22:16:47.284Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-50212 (GCVE-0-2023-50212)

Vulnerability from cvelistv5 – Published: 2024-05-03 02:14 – Updated: 2024-08-02 22:09
VLAI
Title
D-Link G416 httpd Improper Handling of Exceptional Conditions Information Disclosure Vulnerability
Summary
D-Link G416 httpd Improper Handling of Exceptional Conditions Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper handling of error conditions. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-21664.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-755 - Improper Handling of Exceptional Conditions
Assigner
zdi
References
Impacted products
Vendor Product Version
D-Link G416 Affected: 1.08b02
Create a notification for this product.
Date Public
2023-12-20 10:44
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-50212",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-03T16:28:12.435880Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:18:07.406Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T22:09:49.690Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ZDI-23-1828",
            "tags": [
              "x_research-advisory",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1828/"
          },
          {
            "name": "vendor-provided URL",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10367"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "G416",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "1.08b02"
            }
          ]
        }
      ],
      "dateAssigned": "2023-12-05T19:37:59.627Z",
      "datePublic": "2023-12-20T10:44:27.160Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "D-Link G416 httpd Improper Handling of Exceptional Conditions Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper handling of error conditions. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-21664."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-755",
              "description": "CWE-755: Improper Handling of Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-03T02:14:33.597Z",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "name": "ZDI-23-1828",
          "tags": [
            "x_research-advisory"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1828/"
        },
        {
          "name": "vendor-provided URL",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10367"
        }
      ],
      "source": {
        "lang": "en",
        "value": "Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam)"
      },
      "title": "D-Link G416 httpd Improper Handling of Exceptional Conditions Information Disclosure Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2023-50212",
    "datePublished": "2024-05-03T02:14:33.597Z",
    "dateReserved": "2023-12-05T16:15:17.541Z",
    "dateUpdated": "2024-08-02T22:09:49.690Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-48232 (GCVE-0-2023-48232)

Vulnerability from cvelistv5 – Published: 2023-11-16 22:57 – Updated: 2026-06-23 17:19
VLAI
Title
Floating point Exception in adjust_plines_for_skipcol() in vim
Summary
Vim is an open source command line text editor. A floating point exception may occur when calculating the line offset for overlong lines and smooth scrolling is enabled and the cpo-settings include the 'n' flag. This may happen when a window border is present and when the wrapped line continues on the next physical line directly in the window border because the 'cpo' setting includes the 'n' flag. Only users with non-default settings are affected and the exception should only result in a crash. This issue has been addressed in commit `cb0b99f0` which has been included in release version 9.0.2107. Users are advised to upgrade. There are no known workarounds for this vulnerability.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-755 - Improper Handling of Exceptional Conditions
Assigner
Impacted products
Vendor Product Version
vim vim Affected: < 9.0.2107
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:23:39.368Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/vim/vim/security/advisories/GHSA-f6cx-x634-hqpw",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/vim/vim/security/advisories/GHSA-f6cx-x634-hqpw"
          },
          {
            "name": "https://github.com/vim/vim/commit/cb0b99f0672d8446585d26e998343dceca17d1ce",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/vim/vim/commit/cb0b99f0672d8446585d26e998343dceca17d1ce"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/11/16/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M3VQF7CL3V6FGSEW37WNDFBRRILR65AK/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VNRNYLWXZOGTYWE5HMFNQ5FVE3HBUHF6/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UJAK2W5S7G75ETDAEM3BDUCVSXCEGRD/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20231227-0006/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-48232",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-03T15:34:09.661287Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-23T17:19:10.835Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "vim",
          "vendor": "vim",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 9.0.2107"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Vim is an open source command line text editor. A floating point exception may occur when calculating the line offset for overlong lines and smooth scrolling is enabled and the cpo-settings include the \u0027n\u0027 flag. This may happen when a window border is present and when the wrapped line continues on the next physical line directly in the window border because the \u0027cpo\u0027 setting includes the \u0027n\u0027 flag. Only users with non-default settings are affected and the exception should only result in a crash. This issue has been addressed in commit `cb0b99f0` which has been included in release version 9.0.2107. Users are advised to upgrade. There are no known workarounds for this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 3.9,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-755",
              "description": "CWE-755: Improper Handling of Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-27T15:06:23.664Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/vim/vim/security/advisories/GHSA-f6cx-x634-hqpw",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/vim/vim/security/advisories/GHSA-f6cx-x634-hqpw"
        },
        {
          "name": "https://github.com/vim/vim/commit/cb0b99f0672d8446585d26e998343dceca17d1ce",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/vim/vim/commit/cb0b99f0672d8446585d26e998343dceca17d1ce"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/11/16/1"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M3VQF7CL3V6FGSEW37WNDFBRRILR65AK/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VNRNYLWXZOGTYWE5HMFNQ5FVE3HBUHF6/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UJAK2W5S7G75ETDAEM3BDUCVSXCEGRD/"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20231227-0006/"
        }
      ],
      "source": {
        "advisory": "GHSA-f6cx-x634-hqpw",
        "discovery": "UNKNOWN"
      },
      "title": "Floating point Exception in adjust_plines_for_skipcol() in vim"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-48232",
    "datePublished": "2023-11-16T22:57:17.462Z",
    "dateReserved": "2023-11-13T13:25:18.481Z",
    "dateUpdated": "2026-06-23T17:19:10.835Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-46673 (GCVE-0-2023-46673)

Vulnerability from cvelistv5 – Published: 2023-11-22 09:27 – Updated: 2024-08-02 20:53
VLAI
Summary
It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API.
CWE
  • CWE-755 - Improper Handling of Exceptional Conditions
Assigner
Impacted products
Vendor Product Version
Elastic Elasticsearch Affected: 7.0.0 , < 7.17.14 (semver)
Affected: 8.0.0 , < 8.10.3 (semver)
Create a notification for this product.
Date Public
2023-11-22 09:26
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T20:53:21.554Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://discuss.elastic.co/t/elasticsearch-7-17-14-8-10-3-security-update-esa-2023-24/347708"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.elastic.co/community/security"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Elasticsearch",
          "vendor": "Elastic",
          "versions": [
            {
              "lessThan": "7.17.14",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            },
            {
              "lessThan": "8.10.3",
              "status": "affected",
              "version": "8.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "datePublic": "2023-11-22T09:26:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API.\u003cbr\u003e"
            }
          ],
          "value": "It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API.\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-755",
              "description": "CWE-755 Improper Handling of Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-11-22T09:27:10.454Z",
        "orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
        "shortName": "elastic"
      },
      "references": [
        {
          "url": "https://discuss.elastic.co/t/elasticsearch-7-17-14-8-10-3-security-update-esa-2023-24/347708"
        },
        {
          "url": "https://www.elastic.co/community/security"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
    "assignerShortName": "elastic",
    "cveId": "CVE-2023-46673",
    "datePublished": "2023-11-22T09:27:10.454Z",
    "dateReserved": "2023-10-24T17:28:32.186Z",
    "dateUpdated": "2024-08-02T20:53:21.554Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-45820 (GCVE-0-2023-45820)

Vulnerability from cvelistv5 – Published: 2023-10-19 18:38 – Updated: 2024-09-12 17:51
VLAI
Title
Directus crashes on invalid WebSocket message
Summary
Directus is a real-time API and App dashboard for managing SQL database content. In affected versions any Directus installation that has websockets enabled can be crashed if the websocket server receives an invalid frame. A malicious user could leverage this bug to crash Directus. This issue has been addressed in version 10.6.2. Users are advised to upgrade. Users unable to upgrade should avoid using websockets.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-755 - Improper Handling of Exceptional Conditions
Assigner
References
Impacted products
Vendor Product Version
directus directus Affected: >=10.4, < 10.6.2
Create a notification for this product.
directus directus Affected: 10.4 , < 10.6.2 (custom)
    cpe:2.3:a:directus:directus:*:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T20:29:32.516Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/directus/directus/security/advisories/GHSA-hmgw-9jrg-hf2m",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/directus/directus/security/advisories/GHSA-hmgw-9jrg-hf2m"
          },
          {
            "name": "https://github.com/directus/directus/commit/243eed781b42d6b4948ddb8c3792bcf5b44f55bb",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/directus/directus/commit/243eed781b42d6b4948ddb8c3792bcf5b44f55bb"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:directus:directus:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "directus",
            "vendor": "directus",
            "versions": [
              {
                "lessThan": "10.6.2",
                "status": "affected",
                "version": "10.4",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-45820",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-12T17:37:55.720867Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-12T17:51:27.185Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "directus",
          "vendor": "directus",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e=10.4, \u003c 10.6.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Directus is a real-time API and App dashboard for managing SQL database content. In affected versions any Directus installation that has websockets enabled can be crashed if the websocket server receives an invalid frame. A malicious user could leverage this bug to crash Directus. This issue has been addressed in version 10.6.2. Users are advised to upgrade. Users unable to upgrade should avoid using websockets."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-755",
              "description": "CWE-755: Improper Handling of Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-19T18:38:18.856Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/directus/directus/security/advisories/GHSA-hmgw-9jrg-hf2m",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/directus/directus/security/advisories/GHSA-hmgw-9jrg-hf2m"
        },
        {
          "name": "https://github.com/directus/directus/commit/243eed781b42d6b4948ddb8c3792bcf5b44f55bb",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/directus/directus/commit/243eed781b42d6b4948ddb8c3792bcf5b44f55bb"
        }
      ],
      "source": {
        "advisory": "GHSA-hmgw-9jrg-hf2m",
        "discovery": "UNKNOWN"
      },
      "title": "Directus crashes on invalid WebSocket message"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-45820",
    "datePublished": "2023-10-19T18:38:18.856Z",
    "dateReserved": "2023-10-13T12:00:50.438Z",
    "dateUpdated": "2024-09-12T17:51:27.185Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-44186 (GCVE-0-2023-44186)

Vulnerability from cvelistv5 – Published: 2023-10-11 20:08 – Updated: 2024-12-03 14:49
VLAI
Title
Junos OS and Junos OS Evolved: RPD crash when attempting to send a very long AS PATH to a non-4-byte-AS capable BGP neighbor
Summary
An Improper Handling of Exceptional Conditions vulnerability in AS PATH processing of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a BGP update message with an AS PATH containing a large number of 4-byte ASes, leading to a Denial of Service (DoS). Continued receipt and processing of these BGP updates will create a sustained Denial of Service (DoS) condition. This issue is hit when the router has Non-Stop Routing (NSR) enabled, has a non-4-byte-AS capable BGP neighbor, receives a BGP update message with a prefix that includes a long AS PATH containing large number of 4-byte ASes, and has to advertise the prefix towards the non-4-byte-AS capable BGP neighbor. Note: NSR is not supported on the SRX Series and is therefore not affected by this vulnerability. This issue affects: Juniper Networks Junos OS: * All versions prior to 20.4R3-S8; * 21.1 versions 21.1R1 and later; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S5; * 22.1 versions prior to 22.1R3-S4; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R2-S2, 22.3R3-S1; * 22.4 versions prior to 22.4R2-S1, 22.4R3. Juniper Networks Junos OS Evolved * All versions prior to 20.4R3-S8-EVO; * 21.1 versions 21.1R1-EVO and later; * 21.2 versions prior to 21.2R3-S6-EVO; * 21.3 versions prior to 21.3R3-S5-EVO; * 21.4 versions prior to 21.4R3-S5-EVO; * 22.1 versions prior to 22.1R3-S4-EVO; * 22.2 versions prior to 22.2R3-S2-EVO; * 22.3 versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO; * 22.4 versions prior to 22.4R2-S1-EVO, 22.4R3-EVO.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-755 - Improper Handling of Exceptional Conditions
  • Denial of Service (DoS)
Assigner
References
Impacted products
Vendor Product Version
Juniper Networks Junos OS Affected: 0 , < 20.4R3-S8 (semver)
Affected: 21.1R1 , < 21.1* (semver)
Affected: 21.2 , < 21.2R3-S6 (semver)
Affected: 21.3 , < 21.3R3-S5 (semver)
Affected: 21.4 , < 21.4R3-S5 (semver)
Affected: 22.1 , < 22.1R3-S4 (semver)
Affected: 22.2 , < 22.2R3-S2 (semver)
Affected: 22.3 , < 22.3R2-S2, 22.3R3-S1 (semver)
Affected: 22.4 , < 22.4R2-S1, 22.4R3 (semver)
Create a notification for this product.
Juniper Networks Junos OS Evolved Affected: 0 , < 20.4R3-S8-EVO (semver)
Affected: 21.1 , < 21.1*-EVO (semver)
Affected: 21.2 , < 21.2R3-S6-EVO (semver)
Affected: 21.3 , < 21.3R3-S5-EVO (semver)
Affected: 21.4 , < 21.4R3-S5-EVO (semver)
Affected: 22.1 , < 22.1R3-S4-EVO (semver)
Affected: 22.2 , < 22.2R3-S2-EVO (semver)
Affected: 22.3 , < 22.3R2-S2-EVO, 22.3R3-S1-EVO (semver)
Affected: 22.4 , < 22.4R2-S1-EVO, 22.4R3-EVO (semver)
Create a notification for this product.
Date Public
2023-10-11 16:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T19:59:51.607Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://supportportal.juniper.net/JSA73150"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-44186",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-06T16:45:50.764805Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-03T14:49:41.755Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "MX Series",
            "PTX Series",
            "ACX Series",
            "EX Series",
            "QFX Series"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "20.4R3-S8",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "21.1*",
              "status": "affected",
              "version": "21.1R1",
              "versionType": "semver"
            },
            {
              "lessThan": "21.2R3-S6",
              "status": "affected",
              "version": "21.2",
              "versionType": "semver"
            },
            {
              "lessThan": "21.3R3-S5",
              "status": "affected",
              "version": "21.3",
              "versionType": "semver"
            },
            {
              "lessThan": "21.4R3-S5",
              "status": "affected",
              "version": "21.4",
              "versionType": "semver"
            },
            {
              "lessThan": "22.1R3-S4",
              "status": "affected",
              "version": "22.1",
              "versionType": "semver"
            },
            {
              "lessThan": "22.2R3-S2",
              "status": "affected",
              "version": "22.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.3R2-S2, 22.3R3-S1",
              "status": "affected",
              "version": "22.3",
              "versionType": "semver"
            },
            {
              "lessThan": "22.4R2-S1, 22.4R3",
              "status": "affected",
              "version": "22.4",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "PTX Series",
            "ACX Series",
            "QFX Series"
          ],
          "product": "Junos OS Evolved",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "20.4R3-S8-EVO",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "21.1*-EVO",
              "status": "affected",
              "version": "21.1",
              "versionType": "semver"
            },
            {
              "lessThan": "21.2R3-S6-EVO",
              "status": "affected",
              "version": "21.2",
              "versionType": "semver"
            },
            {
              "lessThan": "21.3R3-S5-EVO",
              "status": "affected",
              "version": "21.3",
              "versionType": "semver"
            },
            {
              "lessThan": "21.4R3-S5-EVO",
              "status": "affected",
              "version": "21.4",
              "versionType": "semver"
            },
            {
              "lessThan": "22.1R3-S4-EVO",
              "status": "affected",
              "version": "22.1",
              "versionType": "semver"
            },
            {
              "lessThan": "22.2R3-S2-EVO",
              "status": "affected",
              "version": "22.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.3R2-S2-EVO, 22.3R3-S1-EVO",
              "status": "affected",
              "version": "22.3",
              "versionType": "semver"
            },
            {
              "lessThan": "22.4R2-S1-EVO, 22.4R3-EVO",
              "status": "affected",
              "version": "22.4",
              "versionType": "semver"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eNonstop Active Routing is enabled using the following configuration:\u003c/p\u003e \u003ctt\u003e[edit chassis redundancy]\u003cbr\u003e\u003c/tt\u003e\u003ctt\u003egraceful-switchover;\u003cbr\u003e\u003c/tt\u003e\u003ctt\u003e\u003cbr\u003e[edit routing-options]\u003cbr\u003e\u003c/tt\u003e\u003ctt\u003enonstop-routing;\u003c/tt\u003e"
            }
          ],
          "value": "Nonstop Active Routing is enabled using the following configuration:\n\n [edit chassis redundancy]\ngraceful-switchover;\n\n[edit routing-options]\nnonstop-routing;"
        }
      ],
      "datePublic": "2023-10-11T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cp\u003eAn Improper Handling of Exceptional Conditions vulnerability in AS PATH processing of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a BGP update message with an AS PATH containing a large number of 4-byte ASes, leading to a Denial of Service (DoS). Continued receipt and processing of these BGP updates will create a sustained Denial of Service (DoS) condition.\u003c/p\u003e\u003cp\u003eThis issue is hit when the router has Non-Stop Routing (NSR) enabled, has a non-4-byte-AS capable BGP neighbor, receives a BGP update message with a prefix that includes a long AS PATH containing large number of 4-byte ASes, and has to advertise the prefix towards the non-4-byte-AS capable BGP neighbor.\u003c/p\u003eNote: NSR is not supported on the SRX Series and is therefore not affected by this vulnerability.\u003cbr\u003e\u003cp\u003eThis issue affects:\u003c/p\u003e\u003cp\u003eJuniper Networks Junos OS:\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eAll versions prior to 20.4R3-S8;\u003c/li\u003e\u003cli\u003e21.1 versions 21.1R1 and later;\u003c/li\u003e\u003cli\u003e21.2 versions prior to 21.2R3-S6;\u003c/li\u003e\u003cli\u003e21.3 versions prior to 21.3R3-S5;\u003c/li\u003e\u003cli\u003e21.4 versions prior to 21.4R3-S5;\u003c/li\u003e\u003cli\u003e22.1 versions prior to 22.1R3-S4;\u003c/li\u003e\u003cli\u003e22.2 versions prior to 22.2R3-S2;\u003c/li\u003e\u003cli\u003e22.3 versions prior to 22.3R2-S2, 22.3R3-S1;\u003c/li\u003e\u003cli\u003e22.4 versions prior to 22.4R2-S1, 22.4R3.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eJuniper Networks Junos OS Evolved\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eAll versions prior to 20.4R3-S8-EVO;\u003c/li\u003e\u003cli\u003e21.1 versions 21.1R1-EVO and later;\u003c/li\u003e\u003cli\u003e21.2 versions prior to 21.2R3-S6-EVO;\u003c/li\u003e\u003cli\u003e21.3 versions prior to 21.3R3-S5-EVO;\u003c/li\u003e\u003cli\u003e21.4 versions prior to 21.4R3-S5-EVO;\u003c/li\u003e\u003cli\u003e22.1 versions prior to 22.1R3-S4-EVO;\u003c/li\u003e\u003cli\u003e22.2 versions prior to 22.2R3-S2-EVO;\u003c/li\u003e\u003cli\u003e22.3 versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO;\u003c/li\u003e\u003cli\u003e22.4 versions prior to 22.4R2-S1-EVO, 22.4R3-EVO.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\n\n"
            }
          ],
          "value": "\nAn Improper Handling of Exceptional Conditions vulnerability in AS PATH processing of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a BGP update message with an AS PATH containing a large number of 4-byte ASes, leading to a Denial of Service (DoS). Continued receipt and processing of these BGP updates will create a sustained Denial of Service (DoS) condition.\n\nThis issue is hit when the router has Non-Stop Routing (NSR) enabled, has a non-4-byte-AS capable BGP neighbor, receives a BGP update message with a prefix that includes a long AS PATH containing large number of 4-byte ASes, and has to advertise the prefix towards the non-4-byte-AS capable BGP neighbor.\n\nNote: NSR is not supported on the SRX Series and is therefore not affected by this vulnerability.\nThis issue affects:\n\nJuniper Networks Junos OS:\n\n\n\n  *  All versions prior to 20.4R3-S8;\n  *  21.1 versions 21.1R1 and later;\n  *  21.2 versions prior to 21.2R3-S6;\n  *  21.3 versions prior to 21.3R3-S5;\n  *  21.4 versions prior to 21.4R3-S5;\n  *  22.1 versions prior to 22.1R3-S4;\n  *  22.2 versions prior to 22.2R3-S2;\n  *  22.3 versions prior to 22.3R2-S2, 22.3R3-S1;\n  *  22.4 versions prior to 22.4R2-S1, 22.4R3.\n\n\n\n\nJuniper Networks Junos OS Evolved\n\n\n\n  *  All versions prior to 20.4R3-S8-EVO;\n  *  21.1 versions 21.1R1-EVO and later;\n  *  21.2 versions prior to 21.2R3-S6-EVO;\n  *  21.3 versions prior to 21.3R3-S5-EVO;\n  *  21.4 versions prior to 21.4R3-S5-EVO;\n  *  22.1 versions prior to 22.1R3-S4-EVO;\n  *  22.2 versions prior to 22.2R3-S2-EVO;\n  *  22.3 versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO;\n  *  22.4 versions prior to 22.4R2-S1-EVO, 22.4R3-EVO.\n\n\n\n\n\n\n"
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eJuniper SIRT is not aware of any malicious exploitation of this vulnerability.\u003c/p\u003e"
            }
          ],
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-755",
              "description": "CWE-755 Improper Handling of Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "description": "Denial of Service (DoS)",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-05T23:07:57.356Z",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://supportportal.juniper.net/JSA73150"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThe following software releases have been updated to resolve this specific issue: \u003c/p\u003e\u003cp\u003eJunos OS: 20.4R3-S8, 21.2R3-S6, 21.3R3-S5, 21.4R3-S5, 22.1R3-S4, 22.2R3-S2, 22.3R2-S2, 22.3R3-S1, 22.4R2-S1, 22.4R3, 23.2R1, and all subsequent releases.\u003c/p\u003e\u003cp\u003eJunos OS Evolved: 20.4R3-S8-EVO, 21.2R3-S6-EVO, 21.3R3-S5-EVO, 21.4R3-S5-EVO, 22.1R3-S4-EVO, 22.2R3-S2-EVO, 22.3R2-S2-EVO, 22.3R3-S1-EVO, 22.4R2-S1-EVO, 22.4R3-EVO, 23.2R1-EVO, and all subsequent releases.\u003c/p\u003e"
            }
          ],
          "value": "The following software releases have been updated to resolve this specific issue: \n\nJunos OS: 20.4R3-S8, 21.2R3-S6, 21.3R3-S5, 21.4R3-S5, 22.1R3-S4, 22.2R3-S2, 22.3R2-S2, 22.3R3-S1, 22.4R2-S1, 22.4R3, 23.2R1, and all subsequent releases.\n\nJunos OS Evolved: 20.4R3-S8-EVO, 21.2R3-S6-EVO, 21.3R3-S5-EVO, 21.4R3-S5-EVO, 22.1R3-S4-EVO, 22.2R3-S2-EVO, 22.3R2-S2-EVO, 22.3R3-S1-EVO, 22.4R2-S1-EVO, 22.4R3-EVO, 23.2R1-EVO, and all subsequent releases.\n\n"
        }
      ],
      "source": {
        "advisory": "JSA73150",
        "defect": [
          "1736029"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2023-10-11T16:00:00.000Z",
          "value": "Initial Publication"
        },
        {
          "lang": "en",
          "time": "2023-10-16T16:00:00.000Z",
          "value": "Added specific platforms affected and unaffected"
        },
        {
          "lang": "en",
          "time": "2024-03-05T17:00:00.000Z",
          "value": "Updated affected/fixed releases to convey that 23.2R1 and all subsequent releases are fixed."
        }
      ],
      "title": "Junos OS and Junos OS Evolved: RPD crash when attempting to send a very long AS PATH to a non-4-byte-AS capable BGP neighbor",
      "workarounds": [
        {
          "lang": "en",
          "value": "Current operational and security best practices, such as limiting the AS PATH length, should mitigate risk of this issue.\n\nBelow is an example configuration to limit AS PATH to 30 entries:\n\nset groups BASE-POLICY policy-options policy-statement MaxAS-Limit-30 term more-than-30 from protocol bgp\nset groups BASE-POLICY policy-options policy-statement MaxAS-Limit-30 term more-than-30 from as-path 31as\nset groups BASE-POLICY policy-options policy-statement MaxAS-Limit-30 term more-than-30 then reject\nset groups BASE-POLICY policy-options policy-statement MaxAS-Limit-30 then accept\nset groups BASE-POLICY policy-options policy-statement Customer-IN term MaxAS-Limit from policy MaxAS-Limit-30\nset groups BASE-BGP protocols bgp group \u003c*-CUSTOMER\u003e import Customer-IN\nset groups BASE-PREFIX-LISTS policy-options as-path 31as \".{31,}\""
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-av217"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2023-44186",
    "datePublished": "2023-10-11T20:08:26.308Z",
    "dateReserved": "2023-09-26T19:30:27.953Z",
    "dateUpdated": "2024-12-03T14:49:41.755Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-42509 (GCVE-0-2023-42509)

Vulnerability from cvelistv5 – Published: 2024-03-07 14:07 – Updated: 2024-08-02 19:57
VLAI
Title
JFrog Artifactory Sensitive Data Leakage in Repository configuration process
Summary
JFrog Artifactory later than version 7.17.4 but prior to version 7.77.0 is vulnerable to an issue whereby a sequence of improperly handled exceptions in repository configuration initialization steps may lead to exposure of sensitive data.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-755 - Improper Handling of Exceptional Conditions
Assigner
Impacted products
Vendor Product Version
JFrog Artifactory Affected: 7.17.4 , < 7.77.0 (custom)
Create a notification for this product.
jfrog artifactory Affected: 7.17.4 , < 7.77.0 (custom)
    cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T19:23:39.898Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://jfrog.com/help/r/jfrog-release-information/jfrog-security-advisories"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "artifactory",
            "vendor": "jfrog",
            "versions": [
              {
                "lessThan": "7.77.0",
                "status": "affected",
                "version": "7.17.4",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-42509",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-02T19:56:32.949556Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-02T19:57:43.236Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Artifactory",
          "vendor": "JFrog",
          "versions": [
            {
              "lessThan": "7.77.0",
              "status": "affected",
              "version": "7.17.4",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "JFrog Artifactory later than version 7.17.4 but prior to version 7.77.0 is vulnerable to an issue whereby a sequence of improperly handled exceptions in repository configuration initialization steps may lead to exposure of sensitive data.\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "JFrog Artifactory later than version 7.17.4 but prior to version 7.77.0 is vulnerable to an issue whereby a sequence of improperly handled exceptions in repository configuration initialization steps may lead to exposure of sensitive data.\n\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-37",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-37 Retrieve Embedded Sensitive Data"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-755",
              "description": "CWE-755 Improper Handling of Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-07T14:07:09.944Z",
        "orgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d",
        "shortName": "JFROG"
      },
      "references": [
        {
          "url": "https://jfrog.com/help/r/jfrog-release-information/jfrog-security-advisories"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "JFrog Artifactory Sensitive Data Leakage in Repository configuration process",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d",
    "assignerShortName": "JFROG",
    "cveId": "CVE-2023-42509",
    "datePublished": "2024-03-07T14:07:09.944Z",
    "dateReserved": "2023-09-11T13:05:09.112Z",
    "dateUpdated": "2024-08-02T19:57:43.236Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-41332 (GCVE-0-2023-41332)

Vulnerability from cvelistv5 – Published: 2023-09-26 20:27 – Updated: 2024-09-23 20:30
VLAI
Title
Denial of service via Kubernetes annotations in specific Cilium configurations
Summary
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In Cilium clusters where Cilium's Layer 7 proxy has been disabled, creating workloads with `policy.cilium.io/proxy-visibility` annotations (in Cilium >= v1.13) or `io.cilium.proxy-visibility` annotations (in Cilium <= v1.12) causes the Cilium agent to segfault on the node to which the workload is assigned. Existing traffic on the affected node will continue to flow, but the Cilium agent on the node will not able to process changes to workloads running on the node. This will also prevent workloads from being able to start on the affected node. The denial of service will be limited to the node on which the workload is scheduled, however an attacker may be able to schedule workloads on the node of their choosing, which could lead to targeted attacks. This issue has been resolved in Cilium versions 1.14.2, 1.13.7, and 1.12.14. Users unable to upgrade can avoid this denial of service attack by enabling the Layer 7 proxy.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-755 - Improper Handling of Exceptional Conditions
Assigner
References
Impacted products
Vendor Product Version
cilium cilium Affected: >= 1.14.0, < 1.14.2
Affected: >= 1.13.0, < 1.13.7
Affected: < 1.12.14
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T19:01:34.337Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/cilium/cilium/security/advisories/GHSA-24m5-r6hv-ccgp",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/cilium/cilium/security/advisories/GHSA-24m5-r6hv-ccgp"
          },
          {
            "name": "https://github.com/cilium/cilium/pull/27597",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/cilium/cilium/pull/27597"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-41332",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-23T20:30:32.107290Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-23T20:30:43.084Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "cilium",
          "vendor": "cilium",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 1.14.0, \u003c 1.14.2"
            },
            {
              "status": "affected",
              "version": "\u003e= 1.13.0, \u003c 1.13.7"
            },
            {
              "status": "affected",
              "version": "\u003c 1.12.14"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In Cilium clusters where Cilium\u0027s Layer 7 proxy has been disabled, creating workloads with `policy.cilium.io/proxy-visibility` annotations (in Cilium \u003e= v1.13) or `io.cilium.proxy-visibility` annotations (in Cilium \u003c= v1.12) causes the Cilium agent to segfault on the node to which the workload is assigned. Existing traffic on the affected node will continue to flow, but the Cilium agent on the node will not able to process changes to workloads running on the node. This will also prevent workloads from being able to start on the affected node. The denial of service will be limited to the node on which the workload is scheduled, however an attacker may be able to schedule workloads on the node of their choosing, which could lead to targeted attacks. This issue has been resolved in Cilium versions 1.14.2, 1.13.7, and 1.12.14. Users unable to upgrade can avoid this denial of service attack by enabling the Layer 7 proxy.\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 3.5,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-755",
              "description": "CWE-755: Improper Handling of Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-09-26T20:27:41.226Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/cilium/cilium/security/advisories/GHSA-24m5-r6hv-ccgp",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/cilium/cilium/security/advisories/GHSA-24m5-r6hv-ccgp"
        },
        {
          "name": "https://github.com/cilium/cilium/pull/27597",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/cilium/cilium/pull/27597"
        }
      ],
      "source": {
        "advisory": "GHSA-24m5-r6hv-ccgp",
        "discovery": "UNKNOWN"
      },
      "title": "Denial of service via Kubernetes annotations in specific Cilium configurations"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-41332",
    "datePublished": "2023-09-26T20:27:41.226Z",
    "dateReserved": "2023-08-28T16:56:43.367Z",
    "dateUpdated": "2024-09-23T20:30:43.084Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.