CVE-2021-31882
published 2021-11-09CVE-2021-31882: A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303). The DHCP…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303). The DHCP client application does not validate the length of the Domain Name Server IP option(s) (0x06) when processing DHCP ACK packets. This may lead to Denial-of-Service conditions. (FSMD-2021-0011)
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | capital_embedded_ar_classic_431-422 | < * | * |
| siemens | capital_embedded_ar_classic_r20-11 | < V2303 | V2303 |
| siemens | nucleus_readystart_v3 | < 2017.02.1 | 2017.02.1 |