How severe is CVE-2023-22819?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.9 out of 10.

What type of vulnerability is CVE-2023-22819?

This is classified as CWE-770, which is a common weakness in software security.

CVE-2023-22819 - MEDIUM Severity | CVSS 4.9

Vulnerability Description

An uncontrolled resource consumption vulnerability issue that could arise by sending crafted requests to a service to consume a large amount of memory, eventually resulting in the service being stopped and restarted was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi and Western Digital My Cloud OS 5 devices. This issue requires the attacker to already have root privileges in order to exploit this vulnerability. This issue affects My Cloud Home and My Cloud Home Duo: before 9.5.1-104; ibi: before 9.5.1-104; My Cloud OS 5: before 5.27.161.

Related Vulnerabilities

CVE-2021-22360

MEDIUM

CVSS:4.9(Medium)

There is a resource management error vulnerability in the verisions V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200 of USG9500. An authentication attacker needs to perform specific operations ...

CWE-7702021

CVE-2021-28700

MEDIUM

CVSS:4.9(Medium)

xen/arm: No memory limit for dom0less domUs The dom0less feature allows an administrator to create multiple unprivileged domains directly from Xen. Unfortunately, the memory limit from them is not set...

CWE-7702021

CVE-2022-22488

MEDIUM

CVSS:4.9(Medium)

IBM OpenBMC OP910 and OP940 could allow a privileged user to cause a denial of service by uploading or deleting too many CA certificates in a short period of time. IBM X-Force ID: 2226337.

CWE-7702022

CVE-2023-28107

MEDIUM

CVSS:4.9(Medium)

Discourse is an open-source discussion platform. Prior to version 3.0.2 of the `stable` branch and version 3.1.0.beta3 of the `beta` and `tests-passed` branches, a user logged as an administrator can ...

CWE-7702023

CVE-2023-29973

MEDIUM

CVSS:4.9(Medium)

Pfsense CE version 2.6.0 is vulnerable to No rate limit which can lead to an attacker creating multiple malicious users in firewall.

CWE-7702023

CVE-2023-45129

MEDIUM

CVSS:4.9(Medium)

Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. Prior to version 1.94.0, a malicious server ACL event can impact performance temporarily or permanently...

CWE-7702023