CVE-2023-42503: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| (10 dazwischenliegende Versionen von 2 Benutzern werden nicht angezeigt) | |||
| Zeile 1: | Zeile 1: | ||
| − | = | + | = Source = |
https://nvd.nist.gov/vuln/detail/CVE-2023-42503 | https://nvd.nist.gov/vuln/detail/CVE-2023-42503 | ||
| − | = | + | = Description of this CVE = |
| − | + | Through exploiting this security vulnerability a DOS (Denial of Service) attack may be possible on the system. | |
| − | + | Exploiting this weakness only works if a .tar file is read. Currently none of our applications uses this functionality. | |
| + | |||
| + | = Affected Applications = | ||
| + | ''affected version = From which version onwards there is a need for action.''<br> | ||
| + | ''fixed version = Minimum version where the security vulnerability is fixed or not affected anymore.''<br> | ||
| + | ''not affected = This application is not affected and therefore there is no need for action.<br> | ||
| + | ''all versions = Every single version is affected. A need for action is required regardless of the version'' | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
{| class="wikitable" | {| class="wikitable" | ||
|- | |- | ||
| − | ! | + | ! Application Name !! Affected Version !! Fixed Version |
|- | |- | ||
| CarrierAPI || not affected || not affected | | CarrierAPI || not affected || not affected | ||
|- | |- | ||
| − | | ComManager || | + | | ComManager || 1.2.12 |
| + | | 1.2.16 | ||
|- | |- | ||
| − | | DataGatewayServer V3 (DGS V3)<br>'' | + | | DataGatewayServer V3 (DGS V3)<br>''all versions 2.x.x are excluded''|| 3.8.14 or higher |
| + | | 3.8.27 | ||
|- | |- | ||
| FileConverter || || | | FileConverter || || | ||
| Zeile 28: | Zeile 31: | ||
| GLSBoxService || || | | GLSBoxService || || | ||
|- | |- | ||
| − | | HFMS (Tarifwerk) || | + | | HFMS (Tarifwerk) || 1.8.9 or higher || 1.9.0 |
|- | |- | ||
| − | | HVS32AMAService || | + | | HVS32AMAService || 1.3.6 or higher |
| + | | 1.3.8 | ||
|- | |- | ||
| HVS32DBArchivierung || all versions || 4.6.8 | | HVS32DBArchivierung || all versions || 4.6.8 | ||
|- | |- | ||
| − | | HVS32MonitoringService || | + | | HVS32MonitoringService || 1.4.11 or higher |
| + | | 1.4.13 | ||
|- | |- | ||
| − | | HVS32MonitoringServiceLight || | + | | HVS32MonitoringServiceLight || 1.5.8 or higher |
| + | | 1.5.10 | ||
|- | |- | ||
| − | | IRIS || all versions || | + | | IRIS || all versions || 1.1.2 |
|- | |- | ||
| Leitcode || || | | Leitcode || || | ||
| Zeile 44: | Zeile 50: | ||
| ScaleService || all versions || 2.2.6 | | ScaleService || all versions || 2.2.6 | ||
|- | |- | ||
| − | | SEM-Manager || all versions || | + | | SEM-Manager || all versions || 1.6.3 |
|- | |- | ||
| − | | SEM-Web || all versions || | + | | SEM-Web || all versions || 1.6.1 |
|- | |- | ||
| − | | Verladefreigabe || all versions || | + | | Verladefreigabe || all versions || 2.2.5 |
|- | |- | ||
| WatchLog || || | | WatchLog || || | ||
|} | |} | ||
Aktuelle Version vom 10. Oktober 2023, 09:13 Uhr
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-42503
Description of this CVE
Through exploiting this security vulnerability a DOS (Denial of Service) attack may be possible on the system.
Exploiting this weakness only works if a .tar file is read. Currently none of our applications uses this functionality.
Affected Applications
affected version = From which version onwards there is a need for action.
fixed version = Minimum version where the security vulnerability is fixed or not affected anymore.
not affected = This application is not affected and therefore there is no need for action.
all versions = Every single version is affected. A need for action is required regardless of the version
| Application Name | Affected Version | Fixed Version |
|---|---|---|
| CarrierAPI | not affected | not affected |
| ComManager | 1.2.12 | 1.2.16 |
| DataGatewayServer V3 (DGS V3) all versions 2.x.x are excluded |
3.8.14 or higher | 3.8.27 |
| FileConverter | ||
| FileMoveService | ||
| GLSBoxService | ||
| HFMS (Tarifwerk) | 1.8.9 or higher | 1.9.0 |
| HVS32AMAService | 1.3.6 or higher | 1.3.8 |
| HVS32DBArchivierung | all versions | 4.6.8 |
| HVS32MonitoringService | 1.4.11 or higher | 1.4.13 |
| HVS32MonitoringServiceLight | 1.5.8 or higher | 1.5.10 |
| IRIS | all versions | 1.1.2 |
| Leitcode | ||
| ScaleService | all versions | 2.2.6 |
| SEM-Manager | all versions | 1.6.3 |
| SEM-Web | all versions | 1.6.1 |
| Verladefreigabe | all versions | 2.2.5 |
| WatchLog |