CVE-2022-31810
published 2023-07-11CVE-2022-31810: A vulnerability has been identified in SiPass integrated (All versions < V2.90.3.8). Affected server applications improperly check the size of data packets…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
A vulnerability has been identified in SiPass integrated (All versions < V2.90.3.8). Affected server applications improperly check the size of data packets received for the configuration client login, causing a stack-based buffer overflow.
This could allow an unauthenticated remote attacker to crash the server application, creating a denial of service condition.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | sipass_integrated | < 2.90.3.8 | 2.90.3.8 |
| siemens | sipass_integrated | — | — |