Lucene search

[email protected]NVD:CVE-2021-45916

HistoryJan 03, 2022 - 10:15 a.m.

CVE-2021-45916

2022-01-0310:15:08

CWE-20

[email protected]

web.nvd.nist.gov

cve-2021-45916

shockwall

input validation

CVSS2

2.7

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:S/C:N/I:N/A:P

CVSS3

3.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

EPSS

Percentile

12.6%

JSON

The programming function of Shockwall system has an improper input validation vulnerability. An authenticated attacker within the local area network can send malicious response to the server to disrupt the service partially.

Affected configurations

Nvd

Node

smrshenwang_endpoint_protection_security_systemRange<7.20.0401

VendorProductVersionCPE
smrshenwang_endpoint_protection_security_system*cpe:2.3:a:smr:shenwang_endpoint_protection_security_system:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
smr	shenwang_endpoint_protection_security_system	*	cpe:2.3:a:smr:shenwang_endpoint_protection_security_system::::::::

References

www.twcert.org.tw/tw/cp-132-5432-b9074-1.html

CVSS2

2.7

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:S/C:N/I:N/A:P

CVSS3

3.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

EPSS

Percentile

12.6%

JSON

Related for NVD:CVE-2021-45916

prion1 cnvd1 cvelist1 cve1