CVE-2023-34924

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jun 26, 2023

Updated: Jul 7, 2023

CWE ID 787

Summary

CVE-2023-34924 is a newly discovered vulnerability affecting H3C Magic B1STW B1STV100R012 devices. This issue involves a stack overflow in the SetAPInfoById function, which can be exploited by attackers through a crafted POST request. By sending such a request, they can cause a Denial of Service (DoS) condition, rendering the device unresponsive and potentially disrupting network services. This vulnerability poses a significant risk to organizations using these devices and requires prompt patching to mitigate the threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

New H3C Technologies Co. Ltd.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/rp31cF
https://www.cve.org/CVERecord?id=CVE-2023-34924
https://nvd.nist.gov/vuln/detail/CVE-2023-34924

Back to Vulnerability Database

CVE-2023-34924

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations