CVE-2023-46852: Buffer Overflow
First published: Fri Oct 27 2023(Updated: )
In Memcached before 1.6.22, a buffer overflow exists when processing multiget requests in proxy mode, if there are many spaces after the "get" substring.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Memcached Memcached | <1.6.22 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability identifier for this issue?
The vulnerability identifier for this issue is CVE-2023-46852.
What is the severity of CVE-2023-46852?
The severity of CVE-2023-46852 is high, with a severity score of 7.5.
What is the description of CVE-2023-46852?
CVE-2023-46852 is a buffer overflow vulnerability that exists in Memcached before version 1.6.22 when processing multiget requests in proxy mode.
How does CVE-2023-46852 impact Memcached?
CVE-2023-46852 can be exploited to cause a buffer overflow and potentially lead to remote code execution on the target Memcached server.
How can I mitigate the impact of CVE-2023-46852?
To mitigate the impact of CVE-2023-46852, it is recommended to upgrade to Memcached version 1.6.22 or later, which includes a fix for the vulnerability.
- collector/nvd-api
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/description
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/memcached
- canonical/memcached memcached