Vulnerabilities > CVE-2021-23017 - Off-by-one Error vulnerability in multiple products

047910
CVSS 7.7 - HIGH
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
LOW

Summary

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

Vulnerable Configurations

Part Description Count
Application
F5
349
Application
Openresty
167
Application
Netapp
1
Application
Oracle
42
OS
Fedoraproject
2

Common Weakness Enumeration (CWE)