Home > Vulnerability Database > CVE-2023-39948

Mend.io Vulnerability Database

CVE-2023-39948

Date: August 11, 2023

eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.10.0 and 2.6.5, the "BadParamException" thrown by Fast CDR is not caught in Fast DDS. This can remotely crash any Fast DDS process. Versions 2.10.0 and 2.6.5 contain a patch for this issue.

Language: C++

Severity Score

7.5

Related Resources (7)

Url: https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-x9pj-vrgf-f68f

Url: https://www.debian.org/security/2023/dsa-5481

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-39948

Url: https://github.com/eProsima/Fast-DDS/issues/3422

Url: https://github.com/eProsima/Fast-DDS/files/11117197/fastdds-assert.pcap.zip

Url: https://security-tracker.debian.org/tracker/CVE-2023-39948

Url: https://www.mend.io/vulnerability-database/CVE-2023-39948

Severity Score

7.5

Weakness Type (CWE)

Uncaught Exception

CWE-248

CVSS v3.1

Base Score:	7.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2023-39948

Date: August 11, 2023

Language: C++

Severity Score

Related Resources (7)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?