| Vulnerability Name: | CVE-2022-33749 (CCN-238197) | ||||||||||||
| Assigned: | 2022-10-11 | ||||||||||||
| Published: | 2022-10-11 | ||||||||||||
| Updated: | 2022-10-14 | ||||||||||||
| Summary: | XAPI open file limit DoS It is possible for an unauthenticated client on the network to cause XAPI to hit its file-descriptor limit. This causes XAPI to be unable to accept new requests for other (trusted) clients, and blocks XAPI from carrying out any tasks that require the opening of file descriptors. | ||||||||||||
| CVSS v3 Severity: | 5.3 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) 4.6 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)
5.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 4.9 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C)
| ||||||||||||
| Vulnerability Type: | CWE-400 | ||||||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2022-33749 Source: MLIST Type: Mailing List, Patch, Third Party Advisory [oss-security] 20221011 Xen Security Advisory 413 v2 (CVE-2022-33749) - XAPI open file limit DoS Source: CCN Type: Xen Security Advisory XSA-413 XAPI open file limit DoS Source: CONFIRM Type: Patch, Vendor Advisory http://xenbits.xen.org/xsa/advisory-413.html Source: XF Type: UNKNOWN xen-cve202233749-dos(238197) Source: MISC Type: Patch, Vendor Advisory https://xenbits.xenproject.org/xsa/advisory-413.txt | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||