How severe is CVE-2024-39808?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.6 out of 10.

What type of vulnerability is CVE-2024-39808?

This is classified as CWE-131, which is a common weakness in software security.

CVE-2024-39808 - MEDIUM Severity | CVSS 4.6

Vulnerability Description

Incorrect Calculation of Buffer Size (CWE-131) in the Controller 6000 and Controller 7000 OSDP message handling, allows an attacker with physical access to Controller wiring to instigate a reboot leading to a denial of service. This issue affects: Controller 6000 and Controller 7000 9.10 prior to vCR9.10.240816a (distributed in 9.10.1530 (MR2)), 9.00 prior to vCR9.00.240816a (distributed in 9.00.2168 (MR4)), 8.90 prior to vCR8.90.240816a (distributed in 8.90.2155 (MR5)), 8.80 prior to vCR8.80.240816b (distributed in 8.80.1938 (MR6)), all versions of 8.70 and prior.

Related Vulnerabilities

CVE-2020-6106

MEDIUM

CVSS:4.4(Medium)

An exploitable information disclosure vulnerability exists in the init_node_manager functionality of F2fs-Tools F2fs.Fsck 1.12 and 1.13. A specially crafted filesystem can be used to disclose informat...

CWE-1312020

CVE-2019-15161

MEDIUM

CVSS:5.3(Medium)

rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request.

CWE-1312019

CVE-2020-1680

MEDIUM

CVSS:5.3(Medium)

On Juniper Networks MX Series with MS-MIC or MS-MPC card configured with NAT64 configuration, receipt of a malformed IPv6 packet may crash the MS-PIC component on MS-MIC or MS-MPC. This issue occurs w...

CWE-1312020

CVE-2021-40526

MEDIUM

CVSS:5.3(Medium)

Incorrect calculation of buffer size vulnerability in Peleton TTR01 up to and including PTV55G allows a remote attacker to trigger a Denial of Service attack through the GymKit daemon process by explo...

CWE-1312021

CVE-2023-6780

MEDIUM

CVSS:5.3(Medium)

An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called wi...

CWE-1312023

CVE-2019-5435

LOW

CVSS:3.7(Low)

An integer overflow in curl's URL API results in a buffer overflow in libcurl 7.62.0 to and including 7.64.1.

CWE-1312019