Vulnerabilities > CVE-2021-44506 - NULL Pointer Dereference vulnerability in Yottadb Gt.M

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
yottadb
CWE-476

Summary

An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). A lack of input validation in calls to do_verify in sr_unix/do_verify.c allows attackers to attempt to jump to a NULL pointer by corrupting a function pointer.

Vulnerable Configurations

Part Description Count
Application
Yottadb
1

Common Weakness Enumeration (CWE)