CVE-2022-29864 — Vulnetix

Try Vulnetix Request Demo

CVE-2022-29864 PUBLISHED CVSS 7.5 HIGH

Reported by mitre · Published June 16, 2022

OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to cause a server to crash via a large number of messages that trigger Uncontrolled Resource Consumption.

Risk Scores

CVSS v3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
NuGet	OPCFoundation.NetStandard.Opc.Ua	0, 0, 0
n/a	n/a	n/a, n/a, n/a
NuGet	OPCFoundation.NetStandard.Opc.Ua.Core	0, 0, 0

Timeline

Jun 16, 2022 CVE Published
Jun 17, 2022 EPSS Score
Aug 4, 2022 EPSS Score
Nov 7, 2022 EPSS Score
Dec 25, 2022 EPSS Score
Feb 10, 2023 EPSS Score
Mar 29, 2023 EPSS Score
May 16, 2023 EPSS Score
Jul 2, 2023 EPSS Score
Oct 5, 2023 EPSS Score
Nov 22, 2023 EPSS Score
Jan 8, 2024 EPSS Score

References

x_refsource_MISC
x_refsource_MISC
https://github.com/OPCFoundation/UA-.NETStandard/security/advisories/GHSA-vhfw-v69p-crcw url
https://nvd.nist.gov/vuln/detail/CVE-2022-29864 advisory
https://github.com/advisories/GHSA-vhfw-v69p-crcw advisory

Open in Interactive Console →