Vulnerabilities > CVE-2021-38449 - Write-what-where Condition vulnerability in Auvesy Versiondog

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
auvesy
CWE-123

Summary

Some API functions permit by-design writing or copying data into a given buffer. Since the client controls these parameters, an attacker could rewrite the memory in any location of the affected product.

Common Weakness Enumeration (CWE)