CVE-2021-31881
published 2021-11-09CVE-2021-31881: A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303). When…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303). When processing a DHCP OFFER message, the DHCP client application does not validate the length of the Vendor option(s), leading to Denial-of-Service conditions. (FSMD-2021-0008)
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | capital_embedded_ar_classic_431-422 | < * | * |
| siemens | capital_embedded_ar_classic_r20-11 | < V2303 | V2303 |
| siemens | nucleus_readystart_v3 | < 2012.08 | 2012.08 |