PT-2023-5817 · Unknown · Sipass Integrated

Published: 2023-07-11 · Updated: 2023-07-19 · CVE-2022-31810

CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions: SiPass integrated versions prior to V2.90.3.8
Description: A vulnerability has been identified in SiPass integrated, where affected server applications improperly check the size of data packets received for the configuration client login, causing a stack-based buffer overflow. This could allow an unauthenticated remote attacker to crash the server application, creating a denial of service condition.
Recommendations: For versions prior to V2.90.3.8, update to version V2.90.3.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the configuration client login to minimize the risk of exploitation.

Fix

RCE

Memory Corruption

Weakness Enumeration

Related Identifiers

BDU:2023-06503
CVE-2022-31810

Affected Products

Sipass Integrated