Vulnerability Description
In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to a stack variable.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Ibm Rational Lifecycle Integration Adapter For Windchill | 1.0.0 |
| Bender | Cc612 Firmware | >= 5.11.0, < 5.11.2 |
| Bender | Cc612 | - |
| Bender | Cc613 Firmware | >= 5.11.0, < 5.11.2 |
| Bender | Cc613 | - |
| Bender | Icc15Xx Firmware | >= 5.11.0, < 5.11.2 |
| Bender | Icc15Xx | - |
| Bender | Icc16Xx Firmware | >= 5.11.0, < 5.11.2 |
| Bender | Icc16Xx | - |
Related Weaknesses (CWE)
References
- https://cert.vde.com/en/advisories/VDE-2021-047Third Party Advisory
- https://cert.vde.com/en/advisories/VDE-2021-047Third Party Advisory
FAQ
What is CVE-2021-34587?
CVE-2021-34587 is a vulnerability with a CVSS score of 5.3 (MEDIUM). In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to a stack variable.
How severe is CVE-2021-34587?
CVE-2021-34587 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-34587?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Ibm Rational Lifecycle Integration Adapter For Windchill, Bender Cc612 Firmware, Bender Cc612, Bender Cc613 Firmware, Bender Cc613.