CVE-2022-31804

High

The CODESYS Gateway Server V2 does not verifiy that the size of a request is within expected limits. An unauthenticated attacker may…

CERTVDE·CWE-789·Published 2022-06-24

CVSS

7.5

EPSS

0.01

KEV

Exploits

cve.orgen

248 chars

The CODESYS Gateway Server V2 does not verifiy that the size of a request is within expected limits. An unauthenticated attacker may allocate an arbitrary amount of memory, which may lead to a crash of the Gateway due to an out-of-memory condition.

NVDen

248 chars

NVDes

283 chars

El CODESYS Gateway Server versiónV2 no verifica que el tamaño de una petición esté dentro de los límites previstos. Un atacante no autenticado puede asignar una cantidad arbitraria de memoria, lo que puede conllevar a un bloqueo del Gateway debido a una condición de falta de memoria

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P
3.1	Primary	cve.org	7.5	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H