Vulnerabilities > CVE-2023-6378 - Deserialization of Untrusted Data vulnerability in QOS Logback

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
qos
CWE-502
NVD
Published: 2023-11-29
Updated: 2023-12-05

Summary

A serialization vulnerability in logback receiver component part of logback version 1.4.11 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data.

Vulnerable Configurations

Part Description Count
Application
Qos
23

Common Weakness Enumeration (CWE)

References