CVE Catalog

CVE-2023-3803

LowCVSS 2.6
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.55%

41th percentile — higher than 41% of all known CVEs

Summary

A vulnerability has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0 affecting an unknown part of the file /Service/ImageStationDataService.asmx. Manipulation of this part leads to insufficiently random values.

Risk Assessment

This vulnerability may lead to serious security issues, but the complexity of the attack is high, making exploitation difficult.

Recommendation

It is recommended to monitor this vulnerability and implement appropriate security measures to minimize the risk of exploitation.

Original NVD description (English source)

A vulnerability classified as problematic has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This affects an unknown part of the file /Service/ImageStationDataService.asmx of the component File Name Handler. The manipulation leads to insufficiently random values. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-235071. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS