← Volver a CVEs
CVE-2023-45284
MEDIUM5.3
Descripcion
On Windows, The IsLocal function does not correctly detect reserved device names in some cases. Reserved names followed by spaces, such as "COM1 ", and reserved names "COM" and "LPT" followed by superscript 1, 2, or 3, are incorrectly reported as local. With fix, IsLocal now correctly reports these names as non-local.
Detalles CVE
Puntuacion CVSS v3.15.3
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado11/9/2023
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
golang:gomicrosoft:windows
Referencias
https://go.dev/cl/540277(security@golang.org)
https://go.dev/issue/63713(security@golang.org)
https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY(security@golang.org)
https://pkg.go.dev/vuln/GO-2023-2186(security@golang.org)
https://go.dev/cl/540277(af854a3a-2127-422b-91ae-364da2661108)
https://go.dev/issue/63713(af854a3a-2127-422b-91ae-364da2661108)
https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY(af854a3a-2127-422b-91ae-364da2661108)
https://pkg.go.dev/vuln/GO-2023-2186(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.