Lucene search

K
cve[email protected]CVE-2021-46853
HistoryNov 03, 2022 - 6:15 a.m.

CVE-2021-46853

2022-11-0306:15:09
web.nvd.nist.gov
35
6
cve-2021-46853
alpine
denial of service
remote attack
application crash
list
lsub
starttls

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

5.6 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.6%

Alpine before 2.25 allows remote attackers to cause a denial of service (application crash) when LIST or LSUB is sent before STARTTLS.

Affected configurations

NVD
Node
alpine_projectalpineRange<2.25

Social References

More

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

5.6 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.6%