CVE-2023-46272

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Feb 19, 2025

Updated: Feb 20, 2025

CWE ID 121

Summary

CVE-2023-46272 is a buffer overflow vulnerability affecting Extreme Networks IQ Engine versions before 10.6r1a and through 10.6r4 up to 10.6r5. An attacker can exploit this flaw in the implementation of the ah_auth service to execute arbitrary code. This issue poses a significant risk, as successful exploitation could allow unauthorized access, data theft, or system compromise. Organizations utilizing these affected Extreme Networks IQ Engine versions are strongly advised to apply the appropriate patches to mitigate the threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tE1qfc
https://www.cve.org/CVERecord?id=CVE-2023-46272
https://nvd.nist.gov/vuln/detail/CVE-2023-46272

Back to Vulnerability Database

CVE-2023-46272

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations