CVE-2023-4885

Summary

Man in the Middle vulnerability, which could allow an attacker to intercept VNF (Virtual Network Function) communications resulting in the exposure of sensitive information.

Affected Software

VendorProductVersion RangeStatus
Open5GSOpen5GS2.4.10 and prioraffected

Weaknesses

  • CWE-300: CWE-300: Channel Accessible by Non-Endpoint

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References