CVE-2023-42503: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
(-> Englisch) |
|||
| Zeile 1: | Zeile 1: | ||
| − | = | + | = Source = |
https://nvd.nist.gov/vuln/detail/CVE-2023-42503 | https://nvd.nist.gov/vuln/detail/CVE-2023-42503 | ||
| − | = | + | = Description of this CVE = |
| − | + | Through exploiting this security vulnerability a DOS (Denial of Service) attack may be possible on the system. | |
| − | + | Exploiting this weakness only works if a .tar file is read. Currently none of our applications uses this functionality. | |
| − | = | + | = Affected Applications = |
| − | '' | + | ''affected version = From which version onwards there is a need for action.''<br> |
| − | '' | + | ''fixed version = Minimum version where the security vulnerability is fixed or not affected anymore.''<br> |
| − | '' | + | ''not affected = This application is not affected and therefore there is no need for action.<br> |
| − | + | all versions = Every single version is affected. A need for action is required regardless of the version'' | |
| + | |||
| + | <br><br> | ||
{| class="wikitable" | {| class="wikitable" | ||
|- | |- | ||
| − | ! | + | ! Application Name !! Affected Version !! Fixed Version |
|- | |- | ||
| CarrierAPI || not affected || not affected | | CarrierAPI || not affected || not affected | ||
| Zeile 20: | Zeile 22: | ||
| ComManager || || | | ComManager || || | ||
|- | |- | ||
| − | | DataGatewayServer V3 (DGS V3)<br>'' | + | | DataGatewayServer V3 (DGS V3)<br>''all versions 2.x.x are excluded''|| 3.8.14 or higher |
| 3.8.27 | | 3.8.27 | ||
|- | |- | ||
| Zeile 31: | Zeile 33: | ||
| HFMS (Tarifwerk) || 1.8.9 or higher || 1.9.0 | | HFMS (Tarifwerk) || 1.8.9 or higher || 1.9.0 | ||
|- | |- | ||
| − | | HVS32AMAService || 1.3.6 or higher | + | | HVS32AMAService || 1.3.6 or higher |
| 1.3.8 | | 1.3.8 | ||
|- | |- | ||
| HVS32DBArchivierung || all versions || 4.6.8 | | HVS32DBArchivierung || all versions || 4.6.8 | ||
|- | |- | ||
| − | | HVS32MonitoringService || 1.4.11 or higher | + | | HVS32MonitoringService || 1.4.11 or higher |
| 1.4.13 | | 1.4.13 | ||
|- | |- | ||
| − | | HVS32MonitoringServiceLight || 1.5.8 or higher | + | | HVS32MonitoringServiceLight || 1.5.8 or higher |
| 1.5.10 | | 1.5.10 | ||
|- | |- | ||
Version vom 27. September 2023, 10:41 Uhr
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-42503
Description of this CVE
Through exploiting this security vulnerability a DOS (Denial of Service) attack may be possible on the system.
Exploiting this weakness only works if a .tar file is read. Currently none of our applications uses this functionality.
Affected Applications
affected version = From which version onwards there is a need for action.
fixed version = Minimum version where the security vulnerability is fixed or not affected anymore.
not affected = This application is not affected and therefore there is no need for action.
all versions = Every single version is affected. A need for action is required regardless of the version
| Application Name | Affected Version | Fixed Version |
|---|---|---|
| CarrierAPI | not affected | not affected |
| ComManager | ||
| DataGatewayServer V3 (DGS V3) all versions 2.x.x are excluded |
3.8.14 or higher | 3.8.27 |
| FileConverter | ||
| FileMoveService | ||
| GLSBoxService | ||
| HFMS (Tarifwerk) | 1.8.9 or higher | 1.9.0 |
| HVS32AMAService | 1.3.6 or higher | 1.3.8 |
| HVS32DBArchivierung | all versions | 4.6.8 |
| HVS32MonitoringService | 1.4.11 or higher | 1.4.13 |
| HVS32MonitoringServiceLight | 1.5.8 or higher | 1.5.10 |
| IRIS | all versions | 1.1.2 |
| Leitcode | ||
| ScaleService | all versions | 2.2.6 |
| SEM-Manager | all versions | 1.6.3 |
| SEM-Web | all versions | 1.6.1 |
| Verladefreigabe | all versions | 2.2.5 |
| WatchLog |