What is CVE-2021-38465?

CVE-2021-38465 is a high-severity vulnerability in Auvesy Versiondog, classified under Uncontrolled Resource Consumption. CVSS score: 8.0/10. Published 2021-10-22.

How severe is CVE-2021-38465?

High severity. CVSS v3 base score is 8.0 out of 10.

Resource exhaustion in Auvesy Versiondog

CVE-2021-38465

The webinstaller is a Golang web server executable that enables the generation of an Auvesy image agent. Resource consumption can be achieved by generating large amounts of installations, which are then saved without limitation in the temp…

Vulnerability class: DoS (Denial of Service)

EPSS: 0.003 (54.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.0 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H.

Affected products

Auvesy Versiondog — versions All

Weakness classification (CWE)

CWE-400 — Uncontrolled Resource Consumption

References

us-cert.cisa.gov/ics/advisories/icsa-21-292-01 (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2021-38465?: CVE-2021-38465 is a high-severity vulnerability in Auvesy Versiondog, classified under Uncontrolled Resource Consumption. CVSS score: 8.0/10. Published 2021-10-22.
How severe is CVE-2021-38465?: High severity. CVSS v3 base score is 8.0 out of 10.