CVSS: 7.7EPSS: 0%CPEs: 1EXPL: 1CVE-2023-42358
https://notcve.org/view.php?id=CVE-2023-42358
An issue was discovered in O-RAN Software Community ric-plt-e2mgr in the G-Release environment, allows remote attackers to cause a denial of service (DoS) via a crafted request to the E2Manager API component. Se descubrió un problema en O-RAN Software Community ric-plt-e2mgr en el entorno G-Release, que permite a atacantes remotos provocar una denegación de servicio (DoS) a través de una solicitud manipulada al componente API de E2Manager. • https://jira.o-ran-sc.org/browse/RIC-1009 • CWE-862: Missing Authorization •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-41627
https://notcve.org/view.php?id=CVE-2023-41627
O-RAN Software Community ric-plt-lib-rmr v4.9.0 does not validate the source of the routing tables it receives, potentially allowing attackers to send forged routing tables to the device. O-RAN Software Community ric-plt-lib-rmr v4.9.0 no valida la fuente de las tablas de enrutamiento que recibe, permitiendo potencialmente a los atacantes enviar tablas de enrutamiento falsificadas al dispositivo. • https://jira.o-ran-sc.org/browse/RIC-1001 https://www.trendmicro.com/en_us/research/23/l/the-current-state-of-open-ran-security.html •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-41628
https://notcve.org/view.php?id=CVE-2023-41628
An issue in O-RAN Software Community E2 G-Release allows attackers to cause a Denial of Service (DoS) by incorrectly initiating the messaging procedure between the E2Node and E2Term components. Un problema en O-RAN Software Community E2 G-Release permite a los atacantes provocar una denegación de servicio (DoS) iniciando incorrectamente el procedimiento de mensajería entre los componentes "E2Node" y "E2Term". • https://jira.o-ran-sc.org/browse/RIC-1002 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-40997
https://notcve.org/view.php?id=CVE-2023-40997
Buffer Overflow vulnerability in O-RAN Software Community ric-plt-lib-rmr v.4.9.0 allows a remote attacker to cause a denial of service via a crafted packet. • https://jira.o-ran-sc.org/browse/RIC-991 https://www.trendmicro.com/en_us/research/23/l/the-current-state-of-open-ran-security.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-40998
https://notcve.org/view.php?id=CVE-2023-40998
Buffer Overflow vulnerability in O-RAN Software Community ric-plt-lib-rmr v.4.9.0 allows a remote attacker to cause a denial of service via the packet size component. • https://jira.o-ran-sc.org/browse/RIC-989 https://www.trendmicro.com/en_us/research/23/l/the-current-state-of-open-ran-security.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •