CVE-2022-33749

{"id": "CVE-2022-33749", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2022-10-11T13:15:10.193", "references": [{"url": "http://www.openwall.com/lists/oss-security/2022/10/11/4", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "source": "security@xen.org"}, {"url": "http://xenbits.xen.org/xsa/advisory-413.html", "tags": ["Patch", "Vendor Advisory"], "source": "security@xen.org"}, {"url": "https://security.gentoo.org/glsa/202402-07", "source": "security@xen.org"}, {"url": "https://xenbits.xenproject.org/xsa/advisory-413.txt", "tags": ["Patch", "Vendor Advisory"], "source": "security@xen.org"}, {"url": "http://www.openwall.com/lists/oss-security/2022/10/11/4", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://xenbits.xen.org/xsa/advisory-413.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.gentoo.org/glsa/202402-07", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://xenbits.xenproject.org/xsa/advisory-413.txt", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-770"}]}], "descriptions": [{"lang": "en", "value": "XAPI open file limit DoS It is possible for an unauthenticated client on the network to cause XAPI to hit its file-descriptor limit. This causes XAPI to be unable to accept new requests for other (trusted) clients, and blocks XAPI from carrying out any tasks that require the opening of file descriptors."}, {"lang": "es", "value": "Es posible que un cliente no autenticado en la red cause que XAPI alcance su l\u00edmite de descriptores de archivo. Esto causa que XAPI no pueda aceptar nuevas peticiones de otros clientes (confiables), y bloquea a XAPI de llevar a cabo cualquier tarea que requiera la apertura de descriptores de archivo"}], "lastModified": "2024-11-21T07:08:27.957", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:xen:xapi:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC5FE9BB-705E-4705-BF39-B671ECD8AAD0"}], "operator": "OR"}]}], "sourceIdentifier": "security@xen.org"}