exploitDog

CVE-2021-38311

Опубликовано: 09 авг. 2021

Источник: nvd

CVSS3: 7.5

CVSS2: 4.3

EPSS Низкий

Описание

In Contiki 3.0, potential nonterminating acknowledgment loops exist in the Telnet service. When the negotiated options are already disabled, servers still respond to DONT and WONT requests with WONT or DONT commands, which may lead to infinite acknowledgment loops, denial of service, and excessive CPU consumption.

Ссылки

https://github.com/contiki-os/contiki/issues/2685
Exploit
Issue Tracking
Patch
Third Party Advisory
https://github.com/contiki-os/contiki/issues/2685
Exploit
Issue Tracking
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:contiki-os:contiki:3.0:*:*:*:*:*:*:*

EPSS

Процентиль: 51%

0.0028

Низкий

7.5 High

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-835

Связанные уязвимости

GHSA-cw9g-qwf2-42hw

github

больше 3 лет назад

In Contiki 3.0, potential nonterminating acknowledgment loops exist in the Telnet service. When the negotiated options are already disabled, servers still respond to DONT and WONT requests with WONT or DONT commands, which may lead to infinite acknowledgment loops, denial of service, and excessive CPU consumption.

EPSS

Процентиль: 51%

0.0028

Низкий

7.5 High

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-835