U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database

Vulnerability Change Records for CVE-2023-33567

Change History

CVE Rejected by MITRE 5/26/2024 9:15:13 PM

Action Type Old Value New Value

CVE Modified by MITRE 5/26/2024 9:15:13 PM

Action Type Old Value New Value
Removed CPE Configuration 
OR
     
          *cpe:2.3:a:openrobotics:robot_operating_system:2:foxy:*:*:*:*:*:*
 

								
								
					

					

						Removed
						CVSS V3.1
						
							
							
								
							
								
NIST AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

								
							
							
								
							
						
								
							
								

								
								
					

					

						Removed
						CWE
						
							
							
								
							
								
NIST NVD-CWE-noinfo

								
							
							
								
							
						
								
							
								

								
								
					

					

						Changed
						Description
						
							
							
								
							
								
An unauthorized access vulnerability has been discovered in ROS2 Foxy Fitzroy versions where ROS_VERSION is 2 and ROS_PYTHON_VERSION is 3. This vulnerability could potentially allow a malicious user to gain unauthorized access to multiple ROS2 nodes remotely. Unauthorized access to these nodes could result in compromised system integrity, the execution of arbitrary commands, and disclosure of sensitive information. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability.

								
							
							
								
							
						
								
							
								
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that there was not reasonable evidence to determine the existence of a vulnerability.

								
								
					

					

						Removed
						Reference
						
							
							
								
							
								
MITRE http://www.openwall.com/lists/oss-security/2024/04/23/2

								
							
							
								
							
						
								
							
								

								
								
					

					

						Removed
						Reference
						
							
							
								
							
								
MITRE http://www.openwall.com/lists/oss-security/2024/04/23/3

								
							
							
								
							
						
								
							
								

								
								
					

					

						Removed
						Reference
						
							
							
								
							
								
MITRE http://www.openwall.com/lists/oss-security/2024/04/23/4

								
							
							
								
							
						
								
							
								

								
								
					

					

						Removed
						Reference
						
							
							
								
							
								
MITRE http://www.openwall.com/lists/oss-security/2024/04/23/5

								
							
							
								
							
						
								
							
								

								
								
					

					

						Removed
						Reference
						
							
							
								
							
								
MITRE https://github.com/16yashpatel/CVE-2023-33567

								
							
							
								
							
						
								
							
								

								
								
					

					

						Removed
						Tag
						
							
							
								
							
								
MITRE disputed