CVE Vulnerabilities

CVE-2003-1433

Improper Authentication

Published: Dec 31, 2003 | Modified: Jul 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

Epic Games Unreal Engine 226f through 436 does not validate the challenge key, which allows remote attackers to exhaust the player limit by joining the game multiple times.

Weakness

When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

Affected Software

Name Vendor Start Version End Version
Unreal_engine Epic_games 226f 226f
Unreal_engine Epic_games 433 433
Unreal_engine Epic_games 436 436

Potential Mitigations

References