O Ran Sc

o-ran-sc

7 CVEs • 3 products

Products (3)

Click to collapse

Toggle

Ric Message Router

ric_message_router

CVEs (7)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-34048 1O Ran Sc 1Ric Plt E2mgr May 27, 2025 Apr 30, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 O-RAN RIC I-Release e2mgr lacks array size checks in E2nodeConfigUpdateNotificationHandler.
CVE-2024-34047 1O Ran Sc 1Ric Plt E2mgr May 27, 2025 Apr 30, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 O-RAN RIC I-Release e2mgr lacks array size checks in RicServiceUpdateHandler.
CVE-2023-42358 1O Ran Sc 1Ric Plt E2mgr Jun 18, 2025 Jan 3, 2024 N/A· v4 7.7 HIGH· v3 N/A· v2 An issue was discovered in O-RAN Software Community ric-plt-e2mgr in the G-Release environment, allows remote attackers to cause a denial of service (DoS) via a crafted request to the E2Manager API component.
CVE-2023-41628 1O Ran Sc 1E2 Nov 21, 2024 Sep 1, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 An issue in O-RAN Software Community E2 G-Release allows attackers to cause a Denial of Service (DoS) by incorrectly initiating the messaging procedure between the E2Node and E2Term components.
CVE-2023-41627 1O Ran Sc 1Ric Message Router Nov 21, 2024 Sep 1, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 O-RAN Software Community ric-plt-lib-rmr v4.9.0 does not validate the source of the routing tables it receives, potentially allowing attackers to send forged routing tables to the device.
CVE-2023-40998 1O Ran Sc 1Ric Message Router Nov 21, 2024 Aug 28, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Buffer Overflow vulnerability in O-RAN Software Community ric-plt-lib-rmr v.4.9.0 allows a remote attacker to cause a denial of service via the packet size component.
CVE-2023-40997 1O Ran Sc 1Ric Message Router Nov 21, 2024 Aug 28, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Buffer Overflow vulnerability in O-RAN Software Community ric-plt-lib-rmr v.4.9.0 allows a remote attacker to cause a denial of service via a crafted packet.