CVE-2023-5759

Summary

In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the buffer was identified. Reported by Jason Geffner.  

Affected Software

VendorProductVersion RangeStatus
HelixHelix Core0.0.0 < 2023.2affected
HelixHelix Core0.0.0 < 2023.1 Patch 2affected
HelixHelix Core0.0.0 < 2022.2 Patch 3affected
HelixHelix Core0.0.0 < 2022.1 Patch 6affected
HelixHelix Core0.0.0 < 2021.2 Patch 10affected

Weaknesses

  • CWE-400: CWE-400 Uncontrolled Resource Consumption

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References