Vulnerability Description
OPC UA Legacy Java Stack 2022-04-01 allows a remote attacker to cause a server to stop processing messages by sending crafted messages that exhaust available resources.
CVSS Score
7.5
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Opcfoundation | Ua-Java | 2022-04-01 |
Related Weaknesses (CWE)
References
- https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20PatchVendor Advisory
- https://github.com/OPCFoundation/UA-Java-LegacyProductThird Party Advisory
- https://opcfoundation.orgVendor Advisory
- https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20PatchVendor Advisory
- https://github.com/OPCFoundation/UA-Java-LegacyProductThird Party Advisory
- https://opcfoundation.orgVendor Advisory
FAQ
What is CVE-2022-30551?
CVE-2022-30551 is a vulnerability with a CVSS score of 7.5 (HIGH). OPC UA Legacy Java Stack 2022-04-01 allows a remote attacker to cause a server to stop processing messages by sending crafted messages that exhaust available resources.
How severe is CVE-2022-30551?
CVE-2022-30551 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-30551?
Check the references section above for vendor advisories and patch information. Affected products include: Opcfoundation Ua-Java.