Required CVE Record Information
Description
Subnet Solutions PowerSYSTEM Center's SMTPS notification service can be affected by importing an EC certificate with crafted F2m parameters, which can lead to excessive CPU consumption during the evaluation of the curve parameters.
CVSS 2 Total
| Score | Severity | Version | Vector String |
|---|---|---|---|
| 4.3 | MEDIUM | 3.1 | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
| 5.3 | MEDIUM | 4.0 | CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N |
Credits
- Subnet Solutions Inc. reported this vulnerability to CISA. finder