CVE-2022-33749

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://xenbits.xenproject.org/xsa/advisory-413.txt", "name": "https://xenbits.xenproject.org/xsa/advisory-413.txt", "tags": ["Patch", "Vendor Advisory"], "refsource": "MISC"}, {"url": "http://xenbits.xen.org/xsa/advisory-413.html", "name": "http://xenbits.xen.org/xsa/advisory-413.html", "tags": ["Patch", "Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.openwall.com/lists/oss-security/2022/10/11/4", "name": "[oss-security] 20221011 Xen Security Advisory 413 v2 (CVE-2022-33749) - XAPI open file limit DoS", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "refsource": "MLIST"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "XAPI open file limit DoS It is possible for an unauthenticated client on the network to cause XAPI to hit its file-descriptor limit. This causes XAPI to be unable to accept new requests for other (trusted) clients, and blocks XAPI from carrying out any tasks that require the opening of file descriptors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-400"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-33749", "ASSIGNER": "security@xen.org"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}}, "publishedDate": "2022-10-11T13:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:xen:xapi:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2022-10-14T09:23Z"}