CVE-2023-46850
Status: Modified
Last modified:
29-11-2023
Published:
11-11-2023
9.8
SUMMARY CVE-2023-46850
Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending network buffers to a remote peer.
Access CVSS3 CVE-2023-46850
Attack Complexity | Attack Vector | Privileges Required | Scope | User Interaction |
---|---|---|---|---|
LOW | NETWORK | NONE | UNCHANGED | NONE |
Impact CVSS3 CVE-2023-46850
Confidentiality | Integrity | Availability |
---|---|---|
HIGH | HIGH | HIGH |
Details CVE-2023-46850
EPSS | 0.00559 |
---|---|
EPSS % | 0.77999 |
References |
|
CWE | CWE-416 |
Vulnerable Configurations |
|
CVSS3 Source | nvd@nist.gov |
CVSS3 Type | Primary |
CVSS3 Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |