How severe is CVE-2023-46285?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2023-46285?

This is classified as CWE-20, which is a common weakness in software security.

CVE-2023-46285 - HIGH Severity | CVSS 7.5

Vulnerability Description

A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an improper input validation vulnerability that could allow an attacker to bring the service into a Denial-of-Service state by sending a specifically crafted message to 4004/tcp. The corresponding service is auto-restarted after the crash is detected by a watchdog.

Related Vulnerabilities

CVE-2000-0258

HIGH

CVSS:7.5(High)

IIS 4.0 and 5.0 allows remote attackers to cause a denial of service by sending many URLs with a large number of escaped characters, aka the "Myriad Escaped Characters" Vulnerability.

CWE-202000

CVE-2008-2169

HIGH

CVSS:7.5(High)

Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue t...

CWE-202008

CVE-2008-2170

HIGH

CVSS:7.5(High)

Unspecified vulnerability in Century routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue...

CWE-202008

CVE-2008-2173

HIGH

CVSS:7.5(High)

Unspecified vulnerability in Yamaha routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue ...

CWE-202008

CVE-2009-5050

HIGH

CVSS:7.5(High)

konversation before 1.2.3 allows attackers to cause a denial of service.

CWE-202009

CVE-2010-1678

HIGH

CVSS:7.5(High)

Mapserver 5.2, 5.4 and 5.6 before 5.6.5-2 improperly validates symbol index values during Mapfile parsing.

CWE-202010