NASK - PIB BotSense Incorrect String Encoding Vulnerability Allowing Field Separator Injection

Vulnerability

A vulnerability in NASK - PIB BotSense prior to version 2.8.0 allows for incorrect string encoding, which can lead to the injection of additional field separator characters or values into some fields of the generated event. This injected data can be logged in the 'extraData' field, potentially disrupting data processing or analysis.

Impact

Exploitation of this vulnerability could result in improper data handling, with injected field separators or values potentially causing log parsing issues or data corruption.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

6.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

6.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

NASK - PIB BotSense Incorrect String Encoding Vulnerability Allowing Field Separator Injection

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating