Vulnerabilities > CVE-2015-6484 - NULL Pointer Dereference Remote Denial of Service vulnerability in CODESYS Gateway Server

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

3s-smart-software-solutions

NVD

Published: 2015-10-25

Updated: 2015-10-27

Summary

3S-Smart CODESYS Gateway Server before 2.3.9.48 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted (1) GET or (2) POST request. <a href="http://cwe.mitre.org/data/definitions/476.html">CWE-476: NULL Pointer Dereference</a>

Vulnerable Configurations

Part	Description	Count
Application	3S-Smart_Software_Solutions 3S Smart Software Solutions Codesys Gateway Server *	1

References

https://ics-cert.us-cert.gov/advisories/ICSA-15-293-03