Vulnerabilities > CVE-2021-38429 - Insufficient Control of Network Message Volume (Network Amplification) vulnerability in Objectcomputing Opendds

047910
CVSS 9.1 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
objectcomputing
CWE-406
critical
NVD
Published: 2022-05-05
Updated: 2022-05-13

Summary

OCI OpenDDS versions prior to 3.18.1 are vulnerable when an attacker sends a specially crafted packet to flood target devices with unwanted traffic, which may result in a denial-of-service condition and information exposure.

Vulnerable Configurations

Part Description Count
Application
Objectcomputing
1

Common Weakness Enumeration (CWE)

References