CVE-2023-41627

Published: Sep 1, 2023Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

O-RAN Software Community ric-plt-lib-rmr v4.9.0 does not validate the source of the routing tables it receives, potentially allowing attackers to send forged routing tables to the device.

Affected (1)

Products: O Ran Sc: Ric Message Router

O Ran Sc

1 product

Ric Message Router

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
O Ran Sc Ric Message Router	Version 4.9.0

References (4)

https://jira.o-ran-sc.org/browse/RIC-1001

Source: cve@mitre.org

Vendor Advisory

https://www.trendmicro.com/en_us/research/23/l/the-current-state-of-open-ran-security.html

Source: cve@mitre.org

https://jira.o-ran-sc.org/browse/RIC-1001

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.trendmicro.com/en_us/research/23/l/the-current-state-of-open-ran-security.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.