CVE-2003-1433

CWE-287Improper Authentication3 documents3 sources
Severity
4.3MEDIUM
EPSS
0.6%
top 29.93%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Epic Games Unreal Engine
Timeline
PublishedDec 31
Latest updateApr 29

Description

Epic Games Unreal Engine 226f through 436 does not validate the challenge key, which allows remote attackers to exhaust the player limit by joining the game multiple times.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDepic_games/unreal_engine226f, 433, 436+2

🔴Vulnerability Details

2
GHSA
GHSA-q959-v446-rf26: Epic Games Unreal Engine 226f through 436 does not validate the challenge key, which allows remote attackers to exhaust the player limit by joining th2022-04-29
CVEList
CVE-2003-1433: Epic Games Unreal Engine 226f through 436 does not validate the challenge key, which allows remote attackers to exhaust the player limit by joining th2007-10-23
CVE-2003-1433 (MEDIUM CVSS 4.3) | Epic Games Unreal Engine 226f throu | cvebase.io