CVE-2024-1185

Published Feb 2, 2024

Last updated 5 months ago

Overview

Description: A vulnerability classified as problematic has been found in Nsasoft NBMonitor Network Bandwidth Monitor 1.6.5.0. This affects an unknown part of the component Registration Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252675. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Source: cna@vuldb.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM

CVSS 2.0

Type: Secondary
Base score: 1.7
Impact score: 2.9
Exploitability score: 3.1
Vector string: AV:L/AC:L/Au:S/C:N/I:N/A:P

Weaknesses

cna@vuldb.com: CWE-404

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:nsasoft:network_bandwidth_monitor:1.6.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE71A04C-B477-4225-843A-9D3625DAEC7F"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Configurations

References