Vulnerability Details CVE-2023-48428
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The radius configuration mechanism of affected products does not correctly check uploaded certificates. A malicious admin could upload a crafted certificate resulting in a denial-of-service condition or potentially issue commands on system level.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 21.4%
CVSS Severity
CVSS v3 Score 7.2
References