Resource exhaustion in Positive Technologies Maxpatrol 8 (Server)
CVE-2021-4467
Positive Technologies MaxPatrol 8 and XSpider contain a remote denial-of-service vulnerability in the client communication service on TCP port 2002. The service generates a new session identifier for each incoming connection without adequa…
Vulnerability class: DoS (Denial of Service)
EPSS: 0.004 (32.0th percentile) — read the EPSS interpretation.
Affected products
- Positive Technologies Maxpatrol 8 (Server) — versions 0
- Positive Technologies Xspider (Server) — versions 0
Weakness classification (CWE)
References
- disclosure@vulncheck.com (exploit)
- disclosure@vulncheck.com (exploit)
- disclosure@vulncheck.com (product)
- disclosure@vulncheck.com (third-party-advisory)