CVE-2023-42503: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
(8 dazwischenliegende Versionen von 2 Benutzern werden nicht angezeigt) | |||
Zeile 1: | Zeile 1: | ||
− | = | + | = Source = |
https://nvd.nist.gov/vuln/detail/CVE-2023-42503 | https://nvd.nist.gov/vuln/detail/CVE-2023-42503 | ||
− | = | + | = Description of this CVE = |
− | + | Through exploiting this security vulnerability a DOS (Denial of Service) attack may be possible on the system. | |
− | + | Exploiting this weakness only works if a .tar file is read. Currently none of our applications uses this functionality. | |
+ | |||
+ | = Affected Applications = | ||
+ | ''affected version = From which version onwards there is a need for action.''<br> | ||
+ | ''fixed version = Minimum version where the security vulnerability is fixed or not affected anymore.''<br> | ||
+ | ''not affected = This application is not affected and therefore there is no need for action.<br> | ||
+ | ''all versions = Every single version is affected. A need for action is required regardless of the version'' | ||
− | |||
− | |||
− | |||
− | |||
− | |||
{| class="wikitable" | {| class="wikitable" | ||
|- | |- | ||
− | ! | + | ! Application Name !! Affected Version !! Fixed Version |
|- | |- | ||
| CarrierAPI || not affected || not affected | | CarrierAPI || not affected || not affected | ||
|- | |- | ||
− | | ComManager || | + | | ComManager || 1.2.12 |
+ | | 1.2.16 | ||
|- | |- | ||
− | | DataGatewayServer V3 (DGS V3)<br>'' | + | | DataGatewayServer V3 (DGS V3)<br>''all versions 2.x.x are excluded''|| 3.8.14 or higher |
+ | | 3.8.27 | ||
|- | |- | ||
| FileConverter || || | | FileConverter || || | ||
Zeile 28: | Zeile 31: | ||
| GLSBoxService || || | | GLSBoxService || || | ||
|- | |- | ||
− | | HFMS (Tarifwerk) || | + | | HFMS (Tarifwerk) || 1.8.9 or higher || 1.9.0 |
|- | |- | ||
− | | HVS32AMAService || | + | | HVS32AMAService || 1.3.6 or higher |
+ | | 1.3.8 | ||
|- | |- | ||
| HVS32DBArchivierung || all versions || 4.6.8 | | HVS32DBArchivierung || all versions || 4.6.8 | ||
|- | |- | ||
− | | HVS32MonitoringService || | + | | HVS32MonitoringService || 1.4.11 or higher |
+ | | 1.4.13 | ||
|- | |- | ||
− | | HVS32MonitoringServiceLight || | + | | HVS32MonitoringServiceLight || 1.5.8 or higher |
+ | | 1.5.10 | ||
|- | |- | ||
− | | IRIS || all versions || | + | | IRIS || all versions || 1.1.2 |
|- | |- | ||
| Leitcode || || | | Leitcode || || | ||
Zeile 44: | Zeile 50: | ||
| ScaleService || all versions || 2.2.6 | | ScaleService || all versions || 2.2.6 | ||
|- | |- | ||
− | | SEM-Manager || all versions || | + | | SEM-Manager || all versions || 1.6.3 |
|- | |- | ||
− | | SEM-Web || all versions || | + | | SEM-Web || all versions || 1.6.1 |
|- | |- | ||
| Verladefreigabe || all versions || 2.2.5 | | Verladefreigabe || all versions || 2.2.5 |
Aktuelle Version vom 10. Oktober 2023, 10:13 Uhr
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-42503
Description of this CVE
Through exploiting this security vulnerability a DOS (Denial of Service) attack may be possible on the system.
Exploiting this weakness only works if a .tar file is read. Currently none of our applications uses this functionality.
Affected Applications
affected version = From which version onwards there is a need for action.
fixed version = Minimum version where the security vulnerability is fixed or not affected anymore.
not affected = This application is not affected and therefore there is no need for action.
all versions = Every single version is affected. A need for action is required regardless of the version
Application Name | Affected Version | Fixed Version |
---|---|---|
CarrierAPI | not affected | not affected |
ComManager | 1.2.12 | 1.2.16 |
DataGatewayServer V3 (DGS V3) all versions 2.x.x are excluded |
3.8.14 or higher | 3.8.27 |
FileConverter | ||
FileMoveService | ||
GLSBoxService | ||
HFMS (Tarifwerk) | 1.8.9 or higher | 1.9.0 |
HVS32AMAService | 1.3.6 or higher | 1.3.8 |
HVS32DBArchivierung | all versions | 4.6.8 |
HVS32MonitoringService | 1.4.11 or higher | 1.4.13 |
HVS32MonitoringServiceLight | 1.5.8 or higher | 1.5.10 |
IRIS | all versions | 1.1.2 |
Leitcode | ||
ScaleService | all versions | 2.2.6 |
SEM-Manager | all versions | 1.6.3 |
SEM-Web | all versions | 1.6.1 |
Verladefreigabe | all versions | 2.2.5 |
WatchLog |