Vulnerabilities > CVE-2019-15523 - Unchecked Return Value vulnerability in multiple products

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
linbit
debian
CWE-252

Summary

An issue was discovered in LINBIT csync2 through 2.0. It does not correctly check for the return value GNUTLS_E_WARNING_ALERT_RECEIVED of the gnutls_handshake() function. It neglects to call this function again, as required by the design of the API.

Vulnerable Configurations

Part Description Count
Application
Linbit
3
OS
Debian
1

Common Weakness Enumeration (CWE)