Lucene search

TwcertCVELIST:CVE-2021-45916

HistoryJan 03, 2022 - 10:10 a.m.

CVE-2021-45916 SUN & MOON RISE CO., LTD. Shockwall - Improper Input Validation

2022-01-0310:10:20

CWE-20

twcert

www.cve.org

cve-2021-45916

sun & moon rise co.

ltd.

shockwall

input validation

local network

security vulnerability

CVSS3

3.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

AI Score

4.2

Confidence

High

EPSS

Percentile

12.6%

JSON

The programming function of Shockwall system has an improper input validation vulnerability. An authenticated attacker within the local area network can send malicious response to the server to disrupt the service partially.

CNA Affected

[
  {
    "product": "Shockwall",
    "vendor": "SUN & MOON RISE CO., LTD.",
    "versions": [
      {
        "lessThan": "7.20.0401",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

www.twcert.org.tw/tw/cp-132-5432-b9074-1.html

CVSS3

3.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

AI Score

4.2

Confidence

High

EPSS

Percentile

12.6%

JSON

Related for CVELIST:CVE-2021-45916