CVE-2022-48475

Published: Sep 12, 2023Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

Buffer Overflow vulnerability in Control de Ciber version 1.650, in the printing function. Sending a modified request by the attacker could cause a Buffer Overflow when the adminitrator tries to accept or delete the print query created by the request.

Affected (1)

Products: Cbm: Control De Ciber

1 product

Control De Ciber

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cbm Control De Ciber	Version 1.650

Related CWEs

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References (2)

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-control-de-ciber

Source: cve-coordination@incibe.es

Third Party Advisory

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-control-de-ciber

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.