Denial of Service Vulnerability in EMQ X Broker by EMQ Technologies
CVE-2021-33175

7.5 HIGH

Key Information:

Vendor
CVE Published: 8 June 2021

What is CVE-2021-33175?

EMQ X Broker versions prior to 4.2.8 are susceptible to a denial of service attack caused by excessive memory usage resulting from the processing of untrusted inputs. These inputs can lead the message broker to exhaust system memory, ultimately causing the operating system to terminate the application. This vulnerability highlights the importance of input validation and secure memory management in broker applications.

Affected Version(s)

EMQ X Broker <4.2.8

CVSS V3.1

Score: 7.5
Severity: HIGH
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
