CVE-2024-46483

{"id": "CVE-2024-46483", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2024-10-22T22:15:05.720", "references": [{"url": "https://github.com/kn32/cve-2024-46483", "source": "cve@mitre.org"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-190"}]}], "descriptions": [{"lang": "en", "value": "Xlight FTP Server <3.9.4.3 has an integer overflow vulnerability in the packet parsing logic of the SFTP server, which can lead to a heap overflow with attacker-controlled content."}, {"lang": "es", "value": " El servidor FTP Xlight &lt;3.9.4.3 tiene una vulnerabilidad de desbordamiento de enteros en la l\u00f3gica de an\u00e1lisis de paquetes del servidor SFTP, lo que puede provocar un desbordamiento de almacenamiento din\u00e1mico con contenido controlado por el atacante."}], "lastModified": "2024-10-23T19:35:11.493", "sourceIdentifier": "cve@mitre.org"}