CVE-2022-31812 | THREATINT

Description

A vulnerability has been identified in SiPass integrated (All versions < V2.95.3.18). Affected server applications contain an out of bounds read past the end of an allocated buffer while checking the integrity of incoming packets. This could allow an unauthenticated remote attacker to create a denial of service condition.

PUBLISHED Reserved 2022-05-30 | Published 2025-05-23 | Updated 2025-05-23 | Assigner siemens

HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

HIGH: 8.7CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-125: Out-of-bounds Read

Product status

Default status

unknown

Any version before V2.95.3.18

affected

References

cert-portal.siemens.com/productcert/html/ssa-041082.html

cve.org (CVE-2022-31812)

nvd.nist.gov (CVE-2022-31812)

Download JSON