Lucene search

K

MitreVULNRICHMENT:CVE-2021-37253

HistoryDec 05, 2021 - 8:28 p.m.

CVE-2021-37253

2021-12-0520:28:48

mitre

github.com

9

m-files web

denial of service

vulnerability

http requests

range headers

AI Score

6.8

Confidence

High

EPSS

0.059

Percentile

93.6%

SSVC

Exploitation

poc

Automatable

yes

Technical Impact

partial

M-Files Web before 20.10.9524.1 allows a denial of service via overlapping ranges (in HTTP requests with crafted Range or Request-Range headers). NOTE: this is disputed because the range behavior is the responsibility of the web server, not the responsibility of the individual web application

References

packetstormsecurity.com/files/165139/M-Files-Web-Denial-Of-Service.html

seclists.org/fulldisclosure/2021/Dec/1

vulmon.com/vulnerabilitydetails?qid=CVE-2021-37253

www.m-files.com/about/trust-center/security-advisories/cve-2021-37253-denial-of-service/

www.m-files.com/company/trust-center/vulnerability-disclosure/

www.tenable.com/cve/CVE-2021-37253

AI Score

6.8

Confidence

High

EPSS

0.059

Percentile

93.6%

SSVC

Exploitation

poc

Automatable

yes

Technical Impact

partial

Related for VULNRICHMENT:CVE-2021-37253

cvelist1 packetstorm1 cve1 prion1 cnvd1 nvd1 zdt1