Search for vulnerabilities
Vulnerability details: VCID-7s62-m3gd-aaan
Vulnerability ID VCID-7s62-m3gd-aaan
Aliases CVE-2023-4806
Summary A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.
Status Published
Exploitability 0.5
Weighted Severity 5.3
Risk 2.6
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-416 Use After Free
System Score Found at
cvssv3.1 5.9 https://access.redhat.com/errata/RHBA-2024:2413
ssvc Track https://access.redhat.com/errata/RHBA-2024:2413
cvssv3.1 5.9 https://access.redhat.com/errata/RHSA-2023:5453
ssvc Track https://access.redhat.com/errata/RHSA-2023:5453
cvssv3.1 5.9 https://access.redhat.com/errata/RHSA-2023:5455
ssvc Track https://access.redhat.com/errata/RHSA-2023:5455
cvssv3.1 5.9 https://access.redhat.com/errata/RHSA-2023:7409
ssvc Track https://access.redhat.com/errata/RHSA-2023:7409
cvssv3 5.9 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4806.json
cvssv3.1 5.9 https://access.redhat.com/security/cve/CVE-2023-4806
ssvc Track https://access.redhat.com/security/cve/CVE-2023-4806
epss 0.00109 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.00109 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.00109 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.00109 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.00109 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.00109 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.00109 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.00109 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.00109 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.00109 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.00109 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.00109 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.00109 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.00109 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.00125 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.00125 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.00952 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.00971 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.00971 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.00971 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.00971 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.00971 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.00971 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.00971 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01076 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01106 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01106 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01106 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01106 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01811 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01811 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01811 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01811 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01811 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01811 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01811 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01811 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01811 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01811 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01811 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01811 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.01811 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
epss 0.03149 https://api.first.org/data/v1/epss?cve=CVE-2023-4806
cvssv3.1 5.9 https://bugzilla.redhat.com/show_bug.cgi?id=2237782
ssvc Track https://bugzilla.redhat.com/show_bug.cgi?id=2237782
cvssv3.1 5.9 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3 5.9 https://nvd.nist.gov/vuln/detail/CVE-2023-4806
cvssv3.1 5.9 https://nvd.nist.gov/vuln/detail/CVE-2023-4806
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4806.json
https://access.redhat.com/security/cve/CVE-2023-4806
https://api.first.org/data/v1/epss?cve=CVE-2023-4806
https://bugzilla.redhat.com/show_bug.cgi?id=2237782
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4806
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/
https://security.netapp.com/advisory/ntap-20240125-0008/
http://www.openwall.com/lists/oss-security/2023/10/03/4
http://www.openwall.com/lists/oss-security/2023/10/03/5
http://www.openwall.com/lists/oss-security/2023/10/03/6
http://www.openwall.com/lists/oss-security/2023/10/03/8
cpe:2.3:a:gnu:glibc:2.33:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:2.33:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus:9.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:codeready_linux_builder_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:9.0_aarch64:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:9.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.2_aarch64:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.2_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.2_aarch64:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.2_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus_s390x:9.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus_s390x:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_s390x:9.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_s390x:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.2_ppc64le:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2_ppc64le:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_tus:8.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.8:*:*:*:*:*:*:*
cpe:/a:redhat:enterprise_linux:8::appstream https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
cpe:/a:redhat:enterprise_linux:8::crb https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
cpe:/a:redhat:enterprise_linux:9::appstream https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
cpe:/a:redhat:enterprise_linux:9::crb https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb
cpe:/a:redhat:rhel_eus:8.6::appstream https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream
cpe:/a:redhat:rhel_eus:8.6::crb https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb
cpe:/o:redhat:enterprise_linux:6 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
cpe:/o:redhat:enterprise_linux:7 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
cpe:/o:redhat:enterprise_linux:8::baseos https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
cpe:/o:redhat:enterprise_linux:9::baseos https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
cpe:/o:redhat:rhel_eus:8.6::baseos https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos
cpe:/o:redhat:rhev_hypervisor:4.4::el8 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhev_hypervisor:4.4::el8
CVE-2023-4806 https://nvd.nist.gov/vuln/detail/CVE-2023-4806
GLSA-202310-03 https://security.gentoo.org/glsa/202310-03
RHBA-2024:2413 https://access.redhat.com/errata/RHBA-2024:2413
RHSA-2023:5453 https://access.redhat.com/errata/RHSA-2023:5453
RHSA-2023:5455 https://access.redhat.com/errata/RHSA-2023:5455
RHSA-2023:7409 https://access.redhat.com/errata/RHSA-2023:7409
USN-6541-1 https://usn.ubuntu.com/6541-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/errata/RHBA-2024:2413
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-15T19:32:30Z/ Found at https://access.redhat.com/errata/RHBA-2024:2413
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/errata/RHSA-2023:5453
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-15T19:32:30Z/ Found at https://access.redhat.com/errata/RHSA-2023:5453
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/errata/RHSA-2023:5455
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-15T19:32:30Z/ Found at https://access.redhat.com/errata/RHSA-2023:5455
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/errata/RHSA-2023:7409
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-15T19:32:30Z/ Found at https://access.redhat.com/errata/RHSA-2023:7409
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4806.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/security/cve/CVE-2023-4806
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-15T19:32:30Z/ Found at https://access.redhat.com/security/cve/CVE-2023-4806
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://bugzilla.redhat.com/show_bug.cgi?id=2237782
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-15T19:32:30Z/ Found at https://bugzilla.redhat.com/show_bug.cgi?id=2237782
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-4806
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-4806
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.45030
EPSS Score 0.00109
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.