Vulnerabilities > CVE-2021-34587 - Out-of-bounds Write vulnerability in multiple products

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

ibm

bender

CWE-787

NVD

Published: 2022-04-27

Updated: 2022-05-24

Summary

In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to a stack variable.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM IBM Rational Lifecycle Integration Adapter FOR Windchill 1.0.0	1
OS	Bender Bender Cc612 Firmware * Bender Cc612 Firmware 5.11.0 Bender Cc613 Firmware * Bender Icc15Xx Firmware * Bender Icc16Xx Firmware *	5
Hardware	Bender Bender Cc612 - Bender Cc613 - Bender Icc15Xx - Bender Icc16Xx -	4

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://cert.vde.com/en/advisories/VDE-2021-047