PT-2022-13632 · Softing · Softing Secure Integration Server
Pedro Ribeiro
+1
·
Published
2022-08-17
·
Updated
2022-08-23
·
CVE-2022-1069
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Softing Secure Integration Server version V1.22
Description
A denial-of-service condition can be created in the software by sending a crafted HTTP packet with a large
content-length header. This issue affects the Softing Secure Integration Server.Recommendations
For Softing Secure Integration Server version V1.22, consider restricting access to the HTTP endpoint to minimize the risk of exploitation until a patch is available. As a temporary workaround, limiting the size of the
content-length header may help prevent the denial-of-service condition. At the moment, there is no information about a newer version that contains a fix for this vulnerability.Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Softing Secure Integration Server