CODESYS Gateway Server V2 prone to Denial of Service Attack
CVE-2022-31803

5.3MEDIUM

Key Information:

Vendor: Codesys
Status: Codesys Gateway Server V2
Vendor: CVE Published:; 24 June 2022

What is CVE-2022-31803?

In CODESYS Gateway Server V2 an insufficient check for the activity of TCP client connections allows an unauthenticated attacker to consume all available TCP connections and prevent legitimate users or clients from establishing a new connection to the CODESYS Gateway Server V2. Existing connections are not affected and therefore remain intact.

Affected Version(s)

CODESYS Gateway Server V2 V2

References

https://customers.codesys.com/index.php?eID=dumpFile&t=f&...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 24, 2022
Vulnerability Reserved
May 30, 2022

Codesys

What is CVE-2022-31803?

Affected Version(s)

References

CVSS V3.1

Timeline