CVE-2022-31810: Buffer Overflow
First published: Tue Jul 11 2023(Updated: )
A vulnerability has been identified in SiPass integrated (All versions < V2.90.3.8). Affected server applications improperly check the size of data packets received for the configuration client login, causing a stack-based buffer overflow. This could allow an unauthenticated remote attacker to crash the server application, creating a denial of service condition.
Credit: productcert@siemens.com productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens SiPass integrated | <2.90.3.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this SiPass integrated vulnerability?
The vulnerability ID for this SiPass integrated vulnerability is CVE-2022-31810.
What is the severity of CVE-2022-31810?
The severity of CVE-2022-31810 is high.
Which versions of SiPass integrated are affected by this vulnerability?
All versions of SiPass integrated prior to V2.90.3.8 are affected by this vulnerability.
What is the impact of this vulnerability?
This vulnerability could allow an unauthenticated remote attacker to cause a stack-based buffer overflow.
Is there a fix available for CVE-2022-31810?
Yes, upgrading to version V2.90.3.8 or later of SiPass integrated will fix this vulnerability.
- collector/nvd-latest
- collector/nvd-index
- agent/severity
- agent/references
- agent/author
- agent/weakness
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- collector/nvd-api
- agent/software-canonical-lookup-request
- vendor/siemens
- canonical/siemens sipass integrated