CVE-2023-31048

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions OPC UA .NET Standard Reference Server versions prior to 1.4.371.86

Description The issue allows remote attackers to send malicious requests that expose sensitive information by placing it into an error message. This error message may be seen remotely, potentially compromising security.

Recommendations For versions prior to 1.4.371.86, update to version 1.4.371.86 or later to resolve the issue. As a temporary workaround, consider restricting access to the server to minimize the risk of exploitation.

Fix

Information Disclosure

Generation of Error Message Containing Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200CWE-209

Related Identifiers

CVE-2023-31048

GHSA-4CVP-HR63-822J

Affected Products

Opc Ua .Net Standard Reference Server

CVE-2023-31048

Weakness Enumeration

Related Identifiers

Affected Products

References · 9