snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an unauthenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HNetapp Cloud Backup
APPNetappwszystkie wersjeNetapp Data Ontap
OSNetappwszystkie wersjeNetapp E Series Santricity Os Controller
OSNetapp11.0 – 11.5Netapp Hyper Converged Infrastructure
APPNetappwszystkie wersjeNetapp Solidfire Element Os
OSNetappwszystkie wersjeNetapp Storagegrid Webscale
APPNetappwszystkie wersjeNet Snmp
APPNet-Snmp< 5.8
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
Auth BypassDoS
References
Related vulnerabilities
CVE-2021-42013CRITICAL9.8⚠ KEVten sam produkt
It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could ...
CVE-2021-41773CRITICAL9.8⚠ KEVten sam produkt
A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a ...
CVE-2021-40438CRITICAL9.0⚠ KEVten sam produkt
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remot...
CVE-2025-68615CRITICAL9.8PL ✓ten sam produkt
Buffer overflow w demonie snmptrapd biblioteki net-snmp
CVE-2023-28531CRITICAL9.8ten sam produkt
ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constr...