VDB-107164 · CVE-2017-14748 · BID 101087

Blizzard Overwatch 1.15.0.2 Competitive Match race condition

A vulnerability classified as problematic was found in Blizzard Overwatch 1.15.0.2. This vulnerability affects an unknown functionality of the component Competitive Match Handler. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field	11/20/2019 07:17 AM	01/14/2021 02:36 PM	01/14/2021 02:41 PM
vendor	Blizzard	Blizzard	Blizzard
name	Overwatch	Overwatch	Overwatch
version	1.15.0.2	1.15.0.2	1.15.0.2
component	Competitive Match Handler	Competitive Match Handler	Competitive Match Handler
cwe	362 (race condition)	362 (race condition)	362 (race condition)
risk	1	1	1
popularity	60	60	60
cvss2_vuldb_basescore	3.5	3.5	3.5
cvss2_vuldb_tempscore	3.5	3.5	3.5
cvss2_vuldb_av	N	N	N
cvss2_vuldb_ac	M	M	M
cvss2_vuldb_au	S	S	S
cvss2_vuldb_ci	N	N	N
cvss2_vuldb_ii	N	N	N
cvss2_vuldb_ai	P	P	P
cvss3_meta_basescore	4.3	4.8	4.8
cvss3_meta_tempscore	4.3	4.8	4.8
cvss3_vuldb_basescore	4.3	4.3	4.3
cvss3_vuldb_tempscore	4.3	4.3	4.3
cvss3_vuldb_av	N	N	N
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_pr	L	L	L
cvss3_vuldb_ui	N	N	N
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	N	N	N
cvss3_vuldb_i	N	N	N
cvss3_vuldb_a	L	L	L
date	1506384000 (09/26/2017)	1506384000 (09/26/2017)	1506384000 (09/26/2017)
url	https://us.battle.net/forums/en/overwatch/topic/20759216554	https://us.battle.net/forums/en/overwatch/topic/20759216554	https://us.battle.net/forums/en/overwatch/topic/20759216554
price_0day	$0-$5k	$5k-$25k	$5k-$25k
cve	CVE-2017-14748	CVE-2017-14748	CVE-2017-14748
cve_assigned	1506384000	1506384000	1506384000
cve_nvd_published	1506384000	1506384000	1506384000
cve_nvd_summary	Race condition in Blizzard Overwatch 1.15.0.2 allows remote authenticated users to cause a denial of service (season bans and SR losses for other users) by leaving a competitive match at a specific time during the initial loading of that match.	Race condition in Blizzard Overwatch 1.15.0.2 allows remote authenticated users to cause a denial of service (season bans and SR losses for other users) by leaving a competitive match at a specific time during the initial loading of that match.	Race condition in Blizzard Overwatch 1.15.0.2 allows remote authenticated users to cause a denial of service (season bans and SR losses for other users) by leaving a competitive match at a specific time during the initial loading of that match.
securityfocus	101087	101087	101087
securityfocus_title	Blizzard Overwatch CVE-2017-14748 Denial of Service Vulnerability	Blizzard Overwatch CVE-2017-14748 Denial of Service Vulnerability	Blizzard Overwatch CVE-2017-14748 Denial of Service Vulnerability
location	Website	Website	Website
cvss2_vuldb_e	ND	ND	ND
cvss2_vuldb_rl	ND	ND	ND
cvss2_vuldb_rc	ND	ND	ND
cvss3_vuldb_e	X	X	X
cvss3_vuldb_rl	X	X	X
cvss3_vuldb_rc	X	X	X
0day_days	5	5	5
discoverydate	1505952000	1505952000	1505952000
cvss2_nvd_av	N	N	N
cvss2_nvd_ac	M	M	M
cvss2_nvd_au	S	S	S
cvss2_nvd_ci	N	N	N
cvss2_nvd_ii	N	N	N
cvss2_nvd_ai	P	P	P
securityfocus_date	1506384000 (09/26/2017)	1506384000 (09/26/2017)	1506384000 (09/26/2017)
securityfocus_class	Race Condition Error	Race Condition Error	Race Condition Error
cvss3_nvd_av		N	N
cvss3_nvd_ac		H	H
cvss3_nvd_pr		L	L
cvss3_nvd_ui		N	N
cvss3_nvd_s		U	U
cvss3_nvd_c		N	N
cvss3_nvd_i		N	N
cvss3_nvd_a		H	H
cvss2_nvd_basescore		3.5	3.5
cvss3_nvd_basescore		5.3	5.3
person_name			Chromega.

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!