CVE-2023-40462
7.5HIGHThe ACEManager component of ALEOS 4.16 and earlier does not perform input sanitization during authentication, which could potentially result in a Denial of Service (DoS) condition for ACEMana
Veröffentlicht: 12/4/2023Aktualisiert: 2/13/2025
Beschreibung
The ACEManager component of ALEOS 4.16 and earlier does not perform input sanitization during authentication, which could potentially result in a Denial of Service (DoS) condition for ACEManager without impairing other router functions. ACEManager recovers from the DoS condition by restarting within ten seconds of becoming unavailable.
KI-AnalyseKI-gestützt
Betroffene Produkte
sierrawirelessaleos
sierrawirelesses450
-
sierrawirelessgx450
-
sierrawirelesslx40
-
sierrawirelesslx60
-
sierrawirelessmp70
-
sierrawirelessrv50x
-
sierrawirelessrv55
-
debiandebian_linux
10.0
Referenzen
- https://lists.debian.org/debian-lts-announce/2023/12/msg00024.htmlMailing ListThird Party Advisory
- https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2023-006/#sthash.6KUVtE6w.dpbsVendor Advisory
- https://lists.debian.org/debian-lts-announce/2023/12/msg00024.htmlMailing ListThird Party Advisory
- https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2023-006/#sthash.6KUVtE6w.dpbsVendor Advisory