CVE-2023-46324 – github.com/free5gc/udm

Package

Manager: go
Name: github.com/free5gc/udm
Vulnerable Version: >=0 <1.2.0

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

EPSS: 0.00051 pctl0.15689

Details

free5GC udm vulnerable to Invalid Curve Attack pkg/suci/suci.go in free5GC udm before 1.2.0, when Go before 1.19 is used, allows an Invalid Curve Attack because it may compute a shared secret via an uncompressed public key that has not been validated. An attacker can send arbitrary SUCIs to the UDM, which tries to decrypt them via both its private key and the attacker's public key.

Metadata

Created: 2023-10-23T03:30:30Z
Modified: 2023-10-31T22:07:50Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/10/GHSA-cqvv-r3g3-26rf/GHSA-cqvv-r3g3-26rf.json
CWE IDs: ["CWE-327", "CWE-347"]
Alternative ID: GHSA-cqvv-r3g3-26rf
Finding: F052
Auto approve: 1