ID CVE-2020-27541
Summary Denial of Service vulnerability in Rostelecom CS-C2SHW 5.0.082.1. AgentGreen service has a bug in parsing broadcast discovery UDP packet. Sending a packet of too small size will lead to an attempt of allocating buffer of negative size. As the result service AgentGreen will be terminated and started again later.
References
Vulnerable Configurations
  • cpe:2.3:o:company:cs-c2shw_firmware:5.0.082.1:*:*:*:*:*:*:*
    cpe:2.3:o:company:cs-c2shw_firmware:5.0.082.1:*:*:*:*:*:*:*
  • cpe:2.3:h:company:cs-c2shw:-:*:*:*:*:*:*:*
    cpe:2.3:h:company:cs-c2shw:-:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 02-02-2021 - 18:49)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
Last major update 02-02-2021 - 18:49
Published 26-01-2021 - 18:15
Last modified 02-02-2021 - 18:49
Back to Top