PT-2023-21767 · Rocket · Unidata+1
Ron Bowes
·
Published
2023-03-29
·
Updated
2023-04-06
·
CVE-2023-28507
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Rocket Software UniData versions prior to 8.2.4 build 3003
Rocket Software UniVerse versions prior to 11.3.5 build 1001
Rocket Software UniVerse versions prior to 12.2.1 build 2002
Description
The issue is a memory-exhaustion problem where a decompression routine allocates increasing amounts of memory until all system memory is exhausted, causing the forked process to crash.
Recommendations
For Rocket Software UniData versions prior to 8.2.4 build 3003, update to version 8.2.4 build 3003 or later.
For Rocket Software UniVerse versions prior to 11.3.5 build 1001, update to version 11.3.5 build 1001 or later.
For Rocket Software UniVerse versions prior to 12.2.1 build 2002, update to version 12.2.1 build 2002 or later.
Fix
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Unidata
Universe