A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The REST API of affected devices does not check the length of parameters in certain conditions. This allows a malicious admin to crash the server by sending a crafted request to the API. The server will automatically restart.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: siemens
Published: 2023-12-12T11:27:22.091Z
Updated: 2024-08-02T21:30:35.228Z
Reserved: 2023-11-16T16:30:40.849Z
Link: CVE-2023-48430
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-12-12T12:15:15.433
Modified: 2024-11-21T08:31:42.457
Link: CVE-2023-48430
Redhat
No data.