Denial of Service Vulnerability in Cesanta mjs Product
CVE-2023-49553

7.5HIGH

Key Information:

Vendor: Cesanta
Status: Mjs
Vendor: CVE Published:; 2 January 2024

What is CVE-2023-49553?

A vulnerability exists in Cesanta's mjs version 2.20.0 that allows remote attackers to trigger a denial of service. Through the mjs_destroy function found in the msj.c file, an adversary can exploit this flaw, leading to potential system crashes and unavailability. This risk illustrates the importance of updated security measures and timely patching to protect systems utilizing this software.

References

https://github.com/cesanta/mjs/issues/253

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 2, 2024
Vulnerability Reserved
Nov 27, 2023

CVE-2023-49553 Data

JSON