exploitDog

CVE-2020-9000

Опубликовано: 01 сент. 2021

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

An issue was discovered in iPortalis iCS 7.1.13.0. Attackers can send a sequence of requests to rapidly cause .NET Input Validation errors. This increases the size of the log file on the remote server until memory is exhausted, therefore consuming the maximum amount of resources (triggering a denial of service condition).

Ссылки

https://websec.nl/blog/
Third Party Advisory
https://websec.nl/blog/6127847280e759c7d31286d0/cve%20report%20august%202021/
Third Party Advisory
https://websec.nl/blog/
Third Party Advisory
https://websec.nl/blog/6127847280e759c7d31286d0/cve%20report%20august%202021/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:iportalis:iportalis_control_portal:7.1.13.0:*:*:*:*:*:*:*

EPSS

Процентиль: 56%

0.00334

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-400

Связанные уязвимости

GHSA-26mq-g447-6cjq

github

больше 3 лет назад

An issue was discovered in iPortalis iCS 7.1.13.0. Attackers can send a sequence of requests to rapidly cause .NET Input Validation errors. This increases the size of the log file on the remote server until memory is exhausted, therefore consuming the maximum amount of resources (triggering a denial of service condition).

EPSS

Процентиль: 56%

0.00334

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-400