Vulnerability Description
SyncBreeze 15.2.24 contains a denial of service vulnerability in the login authentication mechanism that allows attackers to crash the service. Attackers can send an oversized password parameter with repeated 'password=' values to overwhelm the login endpoint and potentially disrupt service availability.
References
- https://www.exploit-db.com/exploits/51725
- https://www.syncbreeze.com/
- https://www.vulncheck.com/advisories/syncbreeze-denial-of-service-via-login-endp
FAQ
What is CVE-2023-53873?
CVE-2023-53873 is a denial of service vulnerability in the login authentication mechanism of SyncBreeze 15.2.24 that allows attackers to crash the service. Attackers can send an oversized password parameter with repeated 'password=' values to overwhelm the login endpoint and potentially disrupt service availability.
How severe is CVE-2023-53873?
CVSS scoring is not yet available for CVE-2023-53873. Check NVD for updates.
Is there a patch for CVE-2023-53873?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.