Lucene search

[email protected]CVE-2021-34581

HistoryAug 31, 2021 - 11:15 a.m.

CVE-2021-34581

2021-08-3111:15:00

CWE-772

[email protected]

web.nvd.nist.gov

cve-2021-34581

openssl

wago

dos

vulnerability

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

44.2%

JSON

Missing Release of Resource after Effective Lifetime vulnerability in OpenSSL implementation of WAGO 750-831/xxx-xxx, 750-880/xxx-xxx, 750-881, 750-889 in versions FW4 up to FW15 allows an unauthenticated attacker to cause DoS on the device.

CPENameOperatorVersion
wago:750-880\/040-000_firmwarewago 750-880\/040-000 firmwarelefw15
wago:750-880\/025-002_firmwarewago 750-880\/025-002 firmwarelefw15
wago:750-880\/025-001_firmwarewago 750-880\/025-001 firmwarelefw15
wago:750-880\/025-000_firmwarewago 750-880\/025-000 firmwarelefw15
wago:750-831\/000-002_firmwarewago 750-831\/000-002 firmwarelefw15
wago:750-889_firmwarewago 750-889 firmwarelefw15
wago:750-881_firmwarewago 750-881 firmwarelefw15
wago:750-831_firmwarewago 750-831 firmwarelefw15
wago:750-880_firmwarewago 750-880 firmwarelefw15

CPE	Name	Operator	Version
wago:750-880\/040-000_firmware	wago 750-880\/040-000 firmware	le	fw15
wago:750-880\/025-002_firmware	wago 750-880\/025-002 firmware	le	fw15
wago:750-880\/025-001_firmware	wago 750-880\/025-001 firmware	le	fw15
wago:750-880\/025-000_firmware	wago 750-880\/025-000 firmware	le	fw15
wago:750-831\/000-002_firmware	wago 750-831\/000-002 firmware	le	fw15
wago:750-889_firmware	wago 750-889 firmware	le	fw15
wago:750-881_firmware	wago 750-881 firmware	le	fw15
wago:750-831_firmware	wago 750-831 firmware	le	fw15
wago:750-880_firmware	wago 750-880 firmware	le	fw15

References

cert.vde.com/en-us/advisories/vde-2021-038

Social References

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

44.2%

JSON

Related for CVE-2021-34581

prion1 nessus1 cvelist1