CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-32171

Unified Automation UaGateway OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability. The specific flaw exists within the ImportCsv method. A crafted XML payload can cause a null pointer dereference. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20495.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.014

EPSS Ranking 79.5%

CVSS Severity

CVSS v3 Score 6.5

References

Products affected by CVE-2023-32171

Unified-Automation » Uagateway » Version: N/A

cpe:2.3:a:unified-automation:uagateway:-
Unified-Automation » Uagateway » Version: 1.0.0.120

cpe:2.3:a:unified-automation:uagateway:1.0.0.120
Unified-Automation » Uagateway » Version: 1.0.1.130

cpe:2.3:a:unified-automation:uagateway:1.0.1.130
Unified-Automation » Uagateway » Version: 1.2.0.160

cpe:2.3:a:unified-automation:uagateway:1.2.0.160
Unified-Automation » Uagateway » Version: 1.2.1.177

cpe:2.3:a:unified-automation:uagateway:1.2.1.177
Unified-Automation » Uagateway » Version: 1.2.2.181

cpe:2.3:a:unified-automation:uagateway:1.2.2.181
Unified-Automation » Uagateway » Version: 1.2.3.186

cpe:2.3:a:unified-automation:uagateway:1.2.3.186
Unified-Automation » Uagateway » Version: 1.2.4.200

cpe:2.3:a:unified-automation:uagateway:1.2.4.200
Unified-Automation » Uagateway » Version: 1.2.5.203

cpe:2.3:a:unified-automation:uagateway:1.2.5.203
Unified-Automation » Uagateway » Version: 1.3.1.244

cpe:2.3:a:unified-automation:uagateway:1.3.1.244
Unified-Automation » Uagateway » Version: 1.3.10.294

cpe:2.3:a:unified-automation:uagateway:1.3.10.294
Unified-Automation » Uagateway » Version: 1.3.12.299

cpe:2.3:a:unified-automation:uagateway:1.3.12.299
Unified-Automation » Uagateway » Version: 1.3.2.247

cpe:2.3:a:unified-automation:uagateway:1.3.2.247
Unified-Automation » Uagateway » Version: 1.3.3.257

cpe:2.3:a:unified-automation:uagateway:1.3.3.257
Unified-Automation » Uagateway » Version: 1.3.4.261

cpe:2.3:a:unified-automation:uagateway:1.3.4.261
Unified-Automation » Uagateway » Version: 1.3.5.263

cpe:2.3:a:unified-automation:uagateway:1.3.5.263
Unified-Automation » Uagateway » Version: 1.3.6.279

cpe:2.3:a:unified-automation:uagateway:1.3.6.279
Unified-Automation » Uagateway » Version: 1.3.7.282

cpe:2.3:a:unified-automation:uagateway:1.3.7.282
Unified-Automation » Uagateway » Version: 1.3.8.283

cpe:2.3:a:unified-automation:uagateway:1.3.8.283
Unified-Automation » Uagateway » Version: 1.3.9.288

cpe:2.3:a:unified-automation:uagateway:1.3.9.288
Unified-Automation » Uagateway » Version: 1.4.0.332

cpe:2.3:a:unified-automation:uagateway:1.4.0.332
Unified-Automation » Uagateway » Version: 1.4.1.336

cpe:2.3:a:unified-automation:uagateway:1.4.1.336
Unified-Automation » Uagateway » Version: 1.4.2.353

cpe:2.3:a:unified-automation:uagateway:1.4.2.353
Unified-Automation » Uagateway » Version: 1.4.3.356

cpe:2.3:a:unified-automation:uagateway:1.4.3.356
Unified-Automation » Uagateway » Version: 1.4.4.357

cpe:2.3:a:unified-automation:uagateway:1.4.4.357
Unified-Automation » Uagateway » Version: 1.4.5.361

cpe:2.3:a:unified-automation:uagateway:1.4.5.361
Unified-Automation » Uagateway » Version: 1.4.6.363

cpe:2.3:a:unified-automation:uagateway:1.4.6.363
Unified-Automation » Uagateway » Version: 1.4.8.372

cpe:2.3:a:unified-automation:uagateway:1.4.8.372
Unified-Automation » Uagateway » Version: 1.4.9.375

cpe:2.3:a:unified-automation:uagateway:1.4.9.375
Unified-Automation » Uagateway » Version: 1.5.1.404

cpe:2.3:a:unified-automation:uagateway:1.5.1.404
Unified-Automation » Uagateway » Version: 1.5.10.467

cpe:2.3:a:unified-automation:uagateway:1.5.10.467
Unified-Automation » Uagateway » Version: 1.5.11.475

cpe:2.3:a:unified-automation:uagateway:1.5.11.475
Unified-Automation » Uagateway » Version: 1.5.12.482

cpe:2.3:a:unified-automation:uagateway:1.5.12.482
Unified-Automation » Uagateway » Version: 1.5.2.410

cpe:2.3:a:unified-automation:uagateway:1.5.2.410
Unified-Automation » Uagateway » Version: 1.5.3.420

cpe:2.3:a:unified-automation:uagateway:1.5.3.420
Unified-Automation » Uagateway » Version: 1.5.4.428

cpe:2.3:a:unified-automation:uagateway:1.5.4.428
Unified-Automation » Uagateway » Version: 1.5.5.433

cpe:2.3:a:unified-automation:uagateway:1.5.5.433
Unified-Automation » Uagateway » Version: 1.5.6.441

cpe:2.3:a:unified-automation:uagateway:1.5.6.441
Unified-Automation » Uagateway » Version: 1.5.7.448

cpe:2.3:a:unified-automation:uagateway:1.5.7.448
Unified-Automation » Uagateway » Version: 1.5.8.454

cpe:2.3:a:unified-automation:uagateway:1.5.8.454
Unified-Automation » Uagateway » Version: 1.5.9.466

cpe:2.3:a:unified-automation:uagateway:1.5.9.466

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-32171

Products

Pricing

Contact Us