CVE-2021-37146

Sažetak

An infinite loop in Open Robotics ros_comm XMLRPC server in ROS Melodic through 1.4.11 and ROS Noetic through1.15.11 allows remote attackers to cause a Denial of Service in ros_comm via a crafted XMLRPC call.

Reference

https://discourse.ros.org/t/new-packages-for-melodic-2021-09-27/22446
https://github.com/ros/ros_comm
https://discourse.ros.org/t/new-packages-for-noetic-2021-09-27/22447

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:N/A:P

Zadnje važnije ažuriranje

06-10-2021 - 19:37

Objavljeno

28-09-2021 - 13:15