CVE-2024-42389
5.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Cesanta | Mongoose Web Server | 0 <= 7.14 | affected |
Weaknesses
- CWE-823: CWE-823 Use of Out-of-range Pointer Offset
Workarounds
It is highly recommended to not expose the vulnerable component inside an untrusted network.
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.