CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2016-10523

MQTT before 3.4.6 and 4.0.x before 4.0.5 allows specifically crafted MQTT packets to crash the application, making a DoS attack feasible with very little bandwidth.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 58.5%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://github.com/mcollina/mosca/issues/393
https://github.com/mqttjs/mqtt-packet/pull/8
https://nodesecurity.io/advisories/75
https://github.com/mcollina/mosca/issues/393
https://github.com/mqttjs/mqtt-packet/pull/8
https://nodesecurity.io/advisories/75

Products affected by CVE-2016-10523

Mqtt-Packet Project » Mqtt-Packet » Version: Any

cpe:2.3:a:mqtt-packet_project:mqtt-packet:*
Mqtt-Packet Project » Mqtt-Packet » Version: 4.0.0

cpe:2.3:a:mqtt-packet_project:mqtt-packet:4.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-10523

Products

Pricing

Contact Us