CVE-2023-48947

Name of the Vulnerable Software and Affected Versions openlink virtuoso-opensource version 7.2.11

Description The issue is related to the incorrect implementation of the sequence of actions in the cha cmp component of the Virtuoso-opensource web application development platform. Exploitation of this issue can allow a remote attacker to cause a Denial of Service (DoS) after executing a SELECT statement.

Recommendations For openlink virtuoso-opensource version 7.2.11, consider disabling the cha cmp function as a temporary workaround to minimize the risk of exploitation until a patch is available. Restrict access to the vulnerable component to prevent remote attackers from causing a Denial of Service. At the moment, there is no information about a newer version that contains a fix for this vulnerability.