CVE-2024-9043

Published: Sep 20, 2024Modified: Sep 25, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: twcert@cert.org.tw (Secondary)

Description

Secure Email Gateway from Cellopoint has Buffer Overflow Vulnerability in authentication process. Remote unauthenticated attackers can send crafted packets to crash the process, thereby bypassing authentication and obtaining system administrator privileges.

Affected (1)

Products: Cellopoint: Secure Email Gateway

1 product

Secure Email Gateway

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cellopoint Secure Email Gateway	From 4.2.1 to 4.5.0

Related CWEs

Stack-based Buffer Overflow

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (2)

https://www.twcert.org.tw/en/cp-139-8103-b0568-2.html

Source: twcert@cert.org.tw

Third Party Advisory

https://www.twcert.org.tw/tw/cp-132-8102-b94a9-1.html

Source: twcert@cert.org.tw

Third Party Advisory

Timeline

No history available yet.