Skip to main content

Hp Ux CVE-2023-30903

MEDIUM
Allocation of Resources Without Limits or Throttling (CWE-770)
2023-06-16 security-alert@hpe.com
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Jun 16, 2023 - 21:15 nvd
MEDIUM 5.5

DescriptionNVD

HP-UX could be exploited locally to create a Denial of Service (DoS) when any physical interface is configured with IPv6/inet6.

AnalysisAI

HP-UX could be exploited locally to create a Denial of Service (DoS) when any physical interface is configured with IPv6/inet6. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Allocation of Resources Without Limits (CWE-770), which allows attackers to exhaust system resources through uncontrolled allocation. HP-UX could be exploited locally to create a Denial of Service (DoS) when any physical interface is configured with IPv6/inet6. Affected products include: Hp Hp-Ux.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Set resource limits, implement rate limiting, validate input sizes.

More in Hp Ux

View all
CVE-2016-2776 HIGH POC
7.5 Sep 28

buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly

CVE-2013-4854 HIGH POC
7.8 Jul 29

The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and

CVE-2016-2775 MEDIUM
5.9 Jul 19

ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option

CVE-2012-0131 CRITICAL
10.0 Apr 05

Distributed Computing Environment (DCE) 1.8 and 1.9 on HP HP-UX B.11.11 and B.11.23 allows remote attackers to cause a d

CVE-2014-2490 CRITICAL
9.3 Jul 17

Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect c

CVE-2014-7879 HIGH
8.5 Dec 10

HP HP-UX B.11.11, B.11.23, and B.11.31, when the PAM configuration includes libpam_updbe, allows remote authenticated us

CVE-2015-2126 HIGH
7.2 Jul 06

Unspecified vulnerability in pppoec in HP HP-UX 11iv2 and 11iv3 allows local users to gain privileges by leveraging setu

CVE-2014-7874 MEDIUM
6.8 Oct 19

Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 3.2.3 on HP-UX B.11.23, an

CVE-2013-6200 MEDIUM
6.2 Mar 11

Unspecified vulnerability in m4 in HP HP-UX B.11.23 and B.11.31 allows local users to obtain sensitive information or mo

CVE-2012-0126 MEDIUM
5.8 Mar 28

Unspecified vulnerability in the WBEM implementation in HP HP-UX 11.11 and 11.23 allows remote attackers to obtain acces

CVE-2014-7877 MEDIUM
4.9 Oct 30

Unspecified vulnerability in the kernel in HP HP-UX B.11.31 allows local users to cause a denial of service via unknown

CVE-2013-6209 MEDIUM
4.3 Mar 14

Unspecified vulnerability in rpc.lockd in the NFS subsystem in HP HP-UX B.11.11 and B.11.23 allows remote attackers to c

Share

CVE-2023-30903 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy