CVE-2021-22235
Description
Crash in DNP dissector in Wireshark 3.4.0 to 3.4.6 and 3.2.0 to 3.2.14 allows denial of service via packet injection or crafted capture file
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.762
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerability CVE-2021-22235 are affected in Wireshark (X64) 3.2.14 | Windows |
| Vulnerability CVE-2021-22235 are affected in Wireshark 3.2.14 | Windows |
| Vulnerabilities CVE-2021-22235 are affected in WireShark For Mac 3.2.14 | Mac |
| Vulnerabilities CVE-2021-22235 are affected in WireShark For Mac 3.4.6 | Mac |
| wireshark security update(DSA-5019-1) wireshark_2.6.20-0+deb10u2_i386.deb | Linux |
| wireshark security update(DSA-5019-1) wireshark_2.6.20-0+deb10u2_amd64.deb | Linux |
| wireshark security update(DSA-5019-1) wireshark_3.4.10-0+deb11u1_amd64.deb | Linux |
| wireshark security update(DSA-5019-1) wireshark_3.4.10-0+deb11u1_i386.deb | Linux |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-343288 | Wireshark (X64) (4.4.2) |
| PATCH-338541 | Wireshark (3.6.24) |
| PATCH-611905 | WireShark for Mac (Apple Silicon) (4.4.9) |
| PATCH-611905 | WireShark for Mac (Apple Silicon) (4.4.9) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234