CVE-2023-28504
First published: Wed Mar 29 2023(Updated: )
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow that can lead to remote code execution as the root user.
Credit: cve@rapid7.con
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Rocketsoftware Unidata | <=8.2.4 | |
| Rocketsoftware Universe | <=11.3.5 | |
| Rocketsoftware Universe | >=12.0.0<=12.2.1 | |
| Linux Linux kernel |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-28504?
The severity of CVE-2023-28504 is rated as critical with a score of 9.8.
How do I fix CVE-2023-28504?
To fix CVE-2023-28504, upgrade Rocket Software UniData to version 8.2.4 build 3003 or newer, and UniVerse to version 11.3.5 build 1001 or newer.
What types of vulnerabilities are associated with CVE-2023-28504?
CVE-2023-28504 involves stack-based buffer overflow vulnerabilities which can lead to remote code execution.
Which versions of Rocket Software are affected by CVE-2023-28504?
CVE-2023-28504 affects Rocket Software UniData versions prior to 8.2.4 and UniVerse versions prior to 11.3.5 and versions from 12.0.0 to 12.2.1.
What could be the potential impact of CVE-2023-28504?
The potential impact of CVE-2023-28504 includes remote code execution as the root user, compromising the integrity and security of the system.
- collector/nvd-index
- vendor/rocketsoftware
- product/unidata
- canonical/rocketsoftware unidata
- product/universe
- canonical/rocketsoftware universe
- vendor/linux
- product/linux kernel
- canonical/linux linux kernel