How severe is CVE-2023-40462?

CVE-2023-40462 has a CVSS v3 score of 7.5 (HIGH).

CVE-2023-40462

7.5HIGH

The ACEManager component of ALEOS 4.16 and earlier does not perform input sanitization during authentication, which could potentially result in a Denial of Service (DoS) condition for ACEMana

Опубликовано: 12/4/2023Обновлено: 2/13/2025

Описание

The ACEManager component of ALEOS 4.16 and earlier does not perform input sanitization during authentication, which could potentially result in a Denial of Service (DoS) condition for ACEManager without impairing other router functions. ACEManager recovers from the DoS condition by restarting within ten seconds of becoming unavailable.

ИИ-АнализНа базе ИИ

Затронутые продукты

sierrawirelessaleos

sierrawirelesses450

sierrawirelessgx450

sierrawirelesslx40

sierrawirelesslx60

sierrawirelessmp70

sierrawirelessrv50x

sierrawirelessrv55

debiandebian_linux

10.0

Ссылки

https://lists.debian.org/debian-lts-announce/2023/12/msg00024.html
Mailing ListThird Party Advisory
https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2023-006/#sthash.6KUVtE6w.dpbs
Vendor Advisory
https://lists.debian.org/debian-lts-announce/2023/12/msg00024.html
Mailing ListThird Party Advisory
https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2023-006/#sthash.6KUVtE6w.dpbs
Vendor Advisory