CVE-2013-0715 — Improper Input Validation in Vxworks

CWE-20 — Improper Input Validation3 documents3 sources

Severity

4.0MEDIUMNVD

EPSS

0.6%

top 31.19%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Windriver Vxworks

Timeline

PublishedMar 20

Latest updateMay 17

Description

The WebCLI component in Wind River VxWorks 5.5 through 6.9 allows remote authenticated users to cause a denial of service (CLI session crash) via a crafted command string.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

▶NVDwindriver/vxworks5 versions+4

🔴Vulnerability Details

GHSA

GHSA-j4f8-q5x6-grv8: The WebCLI component in Wind River VxWorks 5↗2022-05-17

▶

CVEList

CVE-2013-0715: The WebCLI component in Wind River VxWorks 5↗2013-03-20

▶