CVE-2025-46354

A denial of service vulnerability exists in the Distributed Transaction Commit/Abort Operation functionality of Bloomberg Comdb2 8.1. A specially crafted network packet can lead to a denial of service. An attacker can send a malicious packet to trigger this vulnerability.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2198
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2198

Configurations

No configuration.

History

23 Jul 2025, 15:15

Type	Values Removed	Values Added
References	~~() https://talosintelligence.com/vulnerability_reports/TALOS-2025-2198 -~~	() https://talosintelligence.com/vulnerability_reports/TALOS-2025-2198 -
Summary		(es) Existe una vulnerabilidad de denegación de servicio en la funcionalidad de "Commit/Abort" de operaciones de Operation functionality de Bloomberg Comdb2 8.1. Un paquete de red especialmente manipulado puede provocar una denegación de servicio. Un atacante puede enviar un paquete malicioso para activar esta vulnerabilidad.

22 Jul 2025, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-22 16:15

Updated : 2025-07-25 15:29

NVD link : CVE-2025-46354

Mitre link : CVE-2025-46354

CVE.ORG link : CVE-2025-46354

JSON object : View

Products Affected

No product.

CWE

CWE-617

Reachable Assertion

7.5 /10