Lucene search

[email protected]CVE-2021-36134

HistorySep 27, 2021 - 5:15 p.m.

CVE-2021-36134

2021-09-2717:15:08

CWE-787

[email protected]

web.nvd.nist.gov

cve-2021-36134

jpeg parsing

vulnerability

netop vision pro

dos

nvd

3.3 Low

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:N/I:N/A:P

7.4 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

46.4%

JSON

Out of bounds write vulnerability in the JPEG parsing code of Netop Vision Pro up to and including 9.7.2 allows an adjacent unauthenticated attacker to write to arbitrary memory potentially leading to a Denial of Service (DoS).

Affected configurations

NVD

Node

netopvision_proRange≤9.7.2

AND

microsoftwindowsMatch-

CPENameOperatorVersion
netop:vision_pronetop vision prole9.7.2

CPE	Name	Operator	Version
netop:vision_pro	netop vision pro	le	9.7.2

References

www.mcafee.com/blogs/?p=127255&preview=true

3.3 Low

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:N/I:N/A:P

7.4 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

46.4%

JSON

Related for CVE-2021-36134

trellix2 prion1 cvelist1 nvd1