Vulnerability Description
O-RAN RIC I-Release e2mgr lacks array size checks in RicServiceUpdateHandler.
CVSS Score
4.3
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| O-Ran-Sc | Ric-Plt-E2Mgr | - |
Related Weaknesses (CWE)
References
- https://gerrit.o-ran-sc.org/r/c/ric-plt/e2mgr/+/12629Patch
- https://jira.o-ran-sc.org/browse/RIC-1044Broken Link
- https://gerrit.o-ran-sc.org/r/c/ric-plt/e2mgr/+/12629Patch
- https://jira.o-ran-sc.org/browse/RIC-1044Broken Link
FAQ
What is CVE-2024-34047?
CVE-2024-34047 is a vulnerability with a CVSS score of 4.3 (MEDIUM). O-RAN RIC I-Release e2mgr lacks array size checks in RicServiceUpdateHandler.
How severe is CVE-2024-34047?
CVE-2024-34047 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-34047?
Check the references section above for vendor advisories and patch information. Affected products include: O-Ran-Sc Ric-Plt-E2Mgr.