An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service (DoS) attacks and possibly remote code execution. There is an access violation and EIP overwrite after five logins.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Wed, 03 Sep 2025 19:45:00 +0000

Type Values Removed Values Added
First Time appeared Uci idol2
CPEs cpe:2.3:a:uci:idol2:*:*:*:*:*:*:*:*
Vendors & Products Uci idol2

Thu, 22 Aug 2024 14:30:00 +0000

Type Values Removed Values Added
First Time appeared Uci
Uci idol 2
Weaknesses CWE-400
CPEs cpe:2.3:a:uci:idol_2:*:*:*:*:*:*:*:*
Vendors & Products Uci
Uci idol 2
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 22 Aug 2024 03:45:00 +0000

Type Values Removed Values Added
Description An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service (DoS) attacks and possibly remote code execution. There is an access violation and EIP overwrite after five logins.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-22T13:18:38.592Z

Reserved: 2024-08-22T00:00:00

Link: CVE-2024-45166

cve-icon Vulnrichment

Updated: 2024-08-22T13:18:17.709Z

cve-icon NVD

Status : Analyzed

Published: 2024-08-22T04:15:24.467

Modified: 2025-09-03T19:43:20.577

Link: CVE-2024-45166

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.