VDB
CNVD-2023-62290
CNVD-2023-62290
PUBLISHED
CVSS 5.300000190734863 MEDIUM
Wireshark是开放源代码的网络协议分析软件,用于解决网络故障等问题。该软件能够在多种平台上运行,能够捕获网络数据包,并能够解析多种协议。 Wireshark存在安全漏洞,攻击者可利用该漏洞发起拒绝服务攻击。
Risk Scores
CVSS 3.1
5.300000190734863
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Wireshark Foundation | Wireshark | >=4.0.0, <4.0.6, >=3.6.0, <3.6.14 |
Exploit Intelligence
- CIRCL published-proof-of-concept: CVE-2023-2855 (circl-sighting)
- https://lists.debian.org/debian-lts-announce/2024/09/msg00049.html (circl)
- https://www.wireshark.org/security/wnpa-sec-2023-12.html (circl)
- https://gitlab.com/wireshark/wireshark/-/issues/19062 (circl)
- https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2855.json (circl)
- DSA-5429 (circl)
- GLSA-202309-02 (circl)
Timeline
- May 26, 2023 CVE Published
- May 30, 2023 CVE ID Reserved
- Jan 15, 2025 PoC Published
- May 2, 2026 Distribution Patch
- May 2, 2026 Security Advisory
- May 2, 2026 Security Advisory
References
- https://www.wireshark.org/security/wnpa-sec-2023-12.html url
- https://gitlab.com/wireshark/wireshark/-/issues/19062 url
- https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2855.json url
- DSA-5429 vendor-advisory
- GLSA-202309-02 vendor-advisory
- https://lists.debian.org/debian-lts-announce/2024/09/msg00049.html url