CVE-2021-31850
Summary
| CVE | CVE-2021-31850 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-12-08 11:15:00 UTC |
| Updated | 2023-11-07 03:35:00 UTC |
| Description | A denial-of-service vulnerability in Database Security (DBS) prior to 4.8.4 allows a remote authenticated administrator to trigger a denial-of-service attack against the DBS server. The configuration of Archiving through the User interface incorrectly allowed the creation of directories and files in Windows system directories and other locations where sensitive data could be overwritten. The former could lead to a DoS, whilst the latter could lead to data destruction on the DBS server. |
Risk And Classification
Problem Types: CWE-552
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Mcafee | Database Security | All | All | All | All |
| Application | Mcafee | Database Security | All | All | All | All |
| Operating System | Microsoft | Windows | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| ZDI-21-1535 | Zero Day Initiative | www.zerodayinitiative.com | ||
| Security Bulletin - Database Security on Windows update fixes Denial of Service vulnerability (CVE-2021-31850) | CONFIRM | kc.mcafee.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.