An issue was discovered in Dalmann OCPP.Core through 1.2.0 for OCPP (Open Charge Point Protocol) for electric vehicles. The server processes mishandle StartTransaction messages containing additional, arbitrary properties, or duplicate properties. The last occurrence of a duplicate property is accepted. This could be exploited to alter transaction records or impact system integrity.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://github.com/dallmann-consulting/OCPP.Core/issues/36 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-12-07T00:00:00
Updated: 2024-08-02T22:09:49.613Z
Reserved: 2023-12-03T00:00:00
Link: CVE-2023-49958
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-12-07T13:15:07.833
Modified: 2023-12-13T13:53:04.123
Link: CVE-2023-49958
Redhat
No data.