PT-2023-24020 · Unknown · Opc Ua Legacy Java Stack
Jouniaro
·
Published
2023-05-15
·
Updated
2024-04-02
·
CVE-2023-32787
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
OPC UA Legacy Java Stack versions prior to 6f176f2
Description
The issue allows an attacker to block OPC UA server applications via uncontrolled resource consumption, causing them to be unable to serve client applications. This is a denial-of-service vulnerability that can be exploited to exhaust resources.
Recommendations
For versions prior to 6f176f2, update to a version that includes the fix for this issue to prevent resource exhaustion attacks. As a temporary workaround, consider implementing measures to limit resource consumption by the OPC UA server application.
Fix
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Opc Ua Legacy Java Stack