CVE-2023-32173

Name of the Vulnerable Software and Affected Versions Unified Automation UaGateway (affected versions not specified)

Description This issue allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. The flaw exists within the implementation of the AddServer method, where specifying crafted arguments can cause invalid characters to be inserted into an XML configuration file, leading to a persistent denial-of-service condition. Authentication is required to exploit this vulnerability when the product is in its default configuration.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.