CVE-2023-34389: Allocation of resources without limits could lead to denial of service

4.5 CVSS

Description

An allocation of resources without limits or throttling vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote authenticated attacker to make the system unavailable for an indefinite amount of time.

See product Instruction Manual Appendix A dated 20230830 for more details.

Classification

CVE ID: CVE-2023-34389

CVSS Base Severity: MEDIUM

CVSS Base Score: 4.5

Affected Products

Vendor: Schweitzer Engineering Laboratories

Product: SEL-451

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.09% (probability of being exploited)

EPSS Percentile: 38.26% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://selinc.com/support/security-notifications/external-reports/
https://www.nozominetworks.com/blog/

Timeline

2024-12-03 00:11:17 UTC
CVE

Allocation of resources without limits could lead to denial of service