SiPass integrated <V2.90.3.8 Buffer Overflow in Config Client Login
CVE-2022-31810 Published on July 11, 2023
A vulnerability has been identified in SiPass integrated (All versions < V2.90.3.8). Affected server applications improperly check the size of data packets received for the configuration client login, causing a stack-based buffer overflow. This could allow an unauthenticated remote attacker to crash the server application, creating a denial of service condition.
Weakness Type
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Products Associated with CVE-2022-31810
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2022-31810 are published in Siemens Sipass Integrated:
Affected Versions
Siemens SiPass integrated Version All versions < V2.90.3.8 is affected by CVE-2022-31810Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.