111 – Out-of-bounds read

Description

It is possible to make the system read data before or beyond the intended buffer.

Impact

Get access to the system and get control of the server.

Recommendation

- Implement good security practices in the software development life cycle. - Disable de unsafe functions in the system.

Threat

External attacker with access to the application.

Expected Remediation Time

60 minutes.

Score 4.0

Default score using CVSS 4.0. It may change depending on the context of the src.

Base 4.0

• Attack vector: N
• Attack complexity: H
• Attack Requirements: N
• Privileges required: N
• User interaction: N
• Confidentiality (VC): L
• Integrity (VI): L
• Availability (VA): H
• Confidentiality (SC): N
• Integrity (SI): N
• Availability (SA): N

Threat 4.0

• Exploit maturity: A

Requirements

• 062 - Define standard configurations
• 266 - Disable insecure functionalities

Fixes

• Csharp
• Go
• Java
• Php
• Scala
• Typescript

Last updated

2024/02/13