Main Vulnerability Database Vulnerabilities #VU57568

#VU57568 Input validation error in Versiondog - CVE-2021-38455

Published: October 20, 2021

Vulnerability identifier: #VU57568

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2021-38455

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Versiondog

Software vendor:
AUVESY

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to the affected product’s OS Service does not verify any given parameter. A remote authenticated attacker can supply any type of parameter that will be passed to inner calls without checking the type of the parameter or the value.

Remediation

Install updates from vendor's website.

External links

https://ics-cert.us-cert.gov/advisories/icsa-21-292-01

#VU57568 Input validation error in Versiondog - CVE-2021-38455

Description

Remediation

External links

Please verify you're human