1.10

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

rare-technologies

CWE-476

NVD

Published: 2021-12-17

Updated: 2021-12-27

Summary

Null pointer reference in CMS_Conservative_increment_obj in RaRe-Technologies bounter version 1.01 and 1.10, allows attackers to conduct Denial of Service attacks by inputting a huge width of hash bucket.

Vulnerable Configurations

Part	Description	Count
Application	Rare-Technologies Rare Technologies Bounter 1.01 Rare Technologies Bounter 1.10	2

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://github.com/RaRe-Technologies/bounter/issues/47