Improper Check or Handling of Exceptional Conditions in Shadankun Server Security Type - CVE-2020-5622
Published: August 31, 2020
Vulnerability identifier: #VU46131
CSH Severity: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2020-5622
CWE-ID: CWE-703
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Shadankun Server Security Type
Shadankun Server Security Type
Software vendor:
Cyber Security Cloud
Cyber Security Cloud
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists when "Rule id" is assigned by the product's internal script overlap, due to it would not be able to add newly detected attack source IP addresses as the blocking targets. A remote attacker can cause a denial of service condition on the target system.
Remediation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.