Vulnerability Details CVE-2022-35218
The NHI card’s web service component has a heap-based buffer overflow vulnerability due to insufficient validation for packet origin parameter length. A LAN attacker with general user privilege can exploit this vulnerability to disrupt service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 14.2%
CVSS Severity
CVSS v3 Score 5.5
References
Products affected by CVE-2022-35218
-
cpe:2.3:a:nhi:health_insurance_web_service_component:-
-
cpe:2.3:o:microsoft:windows:-