CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-28509 – Weak encryption in UniRPC protocol
https://notcve.org/view.php?id=CVE-2023-28509
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 use weak encryption for packet-level security and passwords transferred on the wire. • https://www.rapid7.com/blog/post/2023/03/29/multiple-vulnerabilities-in-rocket-software-unirpc-server-fixed • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-28508 – Heap corruption in UniRPC service
https://notcve.org/view.php?id=CVE-2023-28508
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a heap-based overflow vulnerability, where certain input can corrupt the heap and crash the forked process. • https://www.rapid7.com/blog/post/2023/03/29/multiple-vulnerabilities-in-rocket-software-unirpc-server-fixed • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-28507 – Memory exhaustion in LZ4 decompression in UniRPC daemon
https://notcve.org/view.php?id=CVE-2023-28507
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a memory-exhaustion issue, where a decompression routine will allocate increasing amounts of memory until all system memory is exhausted and the forked process crashes. • https://www.rapid7.com/blog/post/2023/03/29/multiple-vulnerabilities-in-rocket-software-unirpc-server-fixed • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-28506 – Stack buffer overflow in UniRPC service
https://notcve.org/view.php?id=CVE-2023-28506
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow, where a string is copied into a buffer using a memcpy-like function and a user-provided length. This requires a valid login to exploit. • https://www.rapid7.com/blog/post/2023/03/29/multiple-vulnerabilities-in-rocket-software-unirpc-server-fixed • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-28505 – Buffer overflow in UniRPC library function
https://notcve.org/view.php?id=CVE-2023-28505
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a buffer overflow in an API function, where a string is copied into a caller-provided buffer without checking the length. This requires a valid login to exploit. • https://www.rapid7.com/blog/post/2023/03/29/multiple-vulnerabilities-in-rocket-software-unirpc-server-fixed • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •