GHSA-qv5f-57gw-vx3h
Suggest an improvement- Source
- https://github.com/advisories/GHSA-qv5f-57gw-vx3h
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/02/GHSA-qv5f-57gw-vx3h/GHSA-qv5f-57gw-vx3h.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-qv5f-57gw-vx3h
- Withdrawn
- 2025-03-03T20:10:40Z
- Published
- 2025-02-10T21:31:37Z
- Modified
- 2025-03-03T20:43:43.350593Z
- Severity
-
- 8.6 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L CVSS Calculator
- Summary
- Duplicate Advisory: Authorization Bypass in OPC UA .NET Standard Stack
- Details
-
Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-h958-fxgg-g7w3. This link is maintained to preserve external references.
Original Description
Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when the deprecated Basic128Rsa15 security policy is enabled.
- Database specific
{ "nvd_published_at": "2025-02-10T19:15:37Z", "cwe_ids": [ "CWE-208", "CWE-639" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2025-02-10T22:57:19Z" }- References
Affected packages
NuGet / OPCFoundation.NetStandard.Opc.Ua
Package
- Name
- OPCFoundation.NetStandard.Opc.Ua
- View open source insights on deps.dev
- Purl
- pkg:nuget/OPCFoundation.NetStandard.Opc.Ua
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.5.374.158
Affected versions
0.*
0.4.0
0.4.1
0.4.3
0.4.4
0.4.5
1.*
1.3.348
1.3.349
1.3.350
1.3.350.1
1.3.350.3
1.3.350.4
1.3.350.5
1.3.350.6
1.3.351.7
1.3.352.9
1.3.352.10
1.3.352.11
1.3.352.12
1.4.353.13
1.4.353.14
1.4.353.15
1.4.354.16-preview
1.4.354.18-preview
1.4.354.19-preview
1.4.354.20-preview
1.4.354.21
1.4.354.23
1.4.355.24-preview
1.4.355.25
1.4.355.26
1.4.356.27
1.4.357.28
1.4.358.29-preview
1.4.358.30
1.4.359.31
1.4.360.33
1.4.360.34
1.4.361.38
1.4.361.39
1.4.362.40-preview
1.4.362.41-preview
1.4.362.42
1.4.363.47-preview
1.4.363.48-preview
1.4.363.49
1.4.363.104-preview
1.4.363.107
1.4.364.40
1.4.365.1-preview
1.4.365.2
1.4.365.10
1.4.365.23
1.4.365.48
1.4.366.31-preview
1.4.366.38
1.4.367.39
1.4.367.41
1.4.367.42
1.4.367.64-preview
1.4.367.75
1.4.367.95
1.4.367.100
1.4.368.27-preview
1.4.368.33
1.4.368.52-preview
1.4.368.53
1.4.368.58
1.4.369.30
1.4.370.1
1.4.370.9
1.4.370.12
1.4.371.41
1.4.371.50
1.4.371.60
1.4.371.86
1.4.371.91
1.4.371.96
1.4.372.38-preview
1.4.372.46-preview
1.4.372.56
1.4.372.67-preview
1.4.372.76
1.4.372.91-preview
1.4.372.106
1.4.372.107
1.4.372.112-preview
1.4.372.116-preview
1.5.368.2-rc0
1.5.368.3-rc0
1.5.368.5-beta
1.5.371.3-beta
1.5.372.1-rc
1.5.372.110-rc2
1.5.372.113
1.5.373.3-preview
1.5.373.121
1.5.374.26-preview
1.5.374.27
1.5.374.33-preview
1.5.374.36
1.5.374.50-preview
1.5.374.54
1.5.374.61-preview
1.5.374.70
1.5.374.78
1.5.374.118
1.5.374.124
1.5.374.126