FKIE_CVE-2023-24613

Vulnerability from fkie_nvd - Published: 2023-02-03 02:15 - Updated: 2025-03-26 15:15
Severity ?
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Summary
The user interface of Array Networks AG Series and vxAG through 9.4.0.470 could allow a remote attacker to use the gdb tool to overwrite the backend function call stack after accessing the system with administrator privileges. A successful exploit could leverage this vulnerability in the backend binary file that handles the user interface to a cause denial of service attack. This is fixed in AG 9.4.0.481.
References
cve@mitre.orghttps://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_UI_Stack_Overflow_Vulnerability_ID-128285_V1.0.pdfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_UI_Stack_Overflow_Vulnerability_ID-128285_V1.0.pdfVendor Advisory
Impacted products
Vendor Product Version
arraynetworks arrayos_ag *
arraynetworks ag1000 -
arraynetworks ag1000t -
arraynetworks ag1000v5 -
arraynetworks ag1100v5 -
arraynetworks ag1150 -
arraynetworks ag1200 -
arraynetworks ag1200v5 -
arraynetworks ag1500 -
arraynetworks ag1500fips -
arraynetworks ag1500v5 -
arraynetworks ag1600 -
arraynetworks ag1600v5 -
arraynetworks vxag -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:arraynetworks:arrayos_ag:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "074EC86B-4746-4E34-AB53-E6437C22ED25",
              "versionEndIncluding": "9.4.0.470",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:arraynetworks:ag1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBE11A77-8C2F-46CA-87BA-47624380FFC1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:ag1000t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5ED51E1F-3155-40C6-B61C-73D6A9F64987",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:ag1000v5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0BC33CF-FA0B-4556-B11E-61FF9B14880A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:ag1100v5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9C8C9AE-AF59-4E5A-93CD-A394F1A31FA0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:ag1150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E025A9D-6B7C-42B6-95EA-0A5726A919F4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:ag1200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0771D54C-15DF-403C-8CFA-B1E7D0136F50",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:ag1200v5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C9F6B87-E3D2-419A-B086-B981EF912F80",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:ag1500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D385DBD0-C4A9-4168-82C2-832E0E40F42D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:ag1500fips:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "01569AB3-736D-47FE-86DD-F08ACDDCD11E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:ag1500v5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "22E45185-071F-414A-AF78-4739F15A1D93",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:ag1600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6F0988E-5E75-486A-9229-956D38A51C35",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:ag1600v5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D09E2CC-C1B5-40DC-AD1A-7C6AB20525DC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:vxag:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E149796-E3D7-4FAF-AB64-8D273E701861",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The user interface of Array Networks AG Series and vxAG through 9.4.0.470 could allow a remote attacker to use the gdb tool to overwrite the backend function call stack after accessing the system with administrator privileges. A successful exploit could leverage this vulnerability in the backend binary file that handles the user interface to a cause denial of service attack. This is fixed in AG 9.4.0.481."
    },
    {
      "lang": "es",
      "value": "La interfaz de usuario de Array Networks AG Series y vxAG hasta la versi\u00f3n 9.4.0.470 podr\u00eda permitir a un atacante remoto utilizar la herramienta gdb para sobrescribir la pila de llamadas de funciones backend despu\u00e9s de acceder al sistema con privilegios de administrador. Un exploit exitoso podr\u00eda aprovechar esta vulnerabilidad en el archivo binario backend que maneja la interfaz de usuario para provocar un ataque de denegaci\u00f3n de servicio. Esto se soluciona en AG 9.4.0.481."
    }
  ],
  "id": "CVE-2023-24613",
  "lastModified": "2025-03-26T15:15:47.477",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 4.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 4.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 3.6,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2023-02-03T02:15:07.997",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_UI_Stack_Overflow_Vulnerability_ID-128285_V1.0.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_UI_Stack_Overflow_Vulnerability_ID-128285_V1.0.pdf"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.