CVE-2021-27420

MEDIUM Year: 2021
CVSS v3 Score
5.3
Medium
CVSS v2 Score
5.0
Medium
Weakness Type
CWE-20
View all →

Vulnerability Description

GE UR firmware versions prior to version 8.1x web server task does not properly handle receipt of unsupported HTTP verbs, resulting in the web server becoming temporarily unresponsive after receiving a series of unsupported HTTP requests. When unresponsive, the web server is inaccessible. By itself, this is not particularly significant as the relay remains effective in all other functionality and communication channels.

Related Vulnerabilities

CVE-2009-1197

MEDIUM
CVSS:5.3(Medium)

Apache jUDDI before 2.0 allows attackers to spoof entries in log files via vectors related to error logging of keys from uddiget.jsp.

CWE-202009

CVE-2010-3667

MEDIUM
CVSS:5.3(Medium)

TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Spam Abuse in the native form content element.

CWE-202010

CVE-2011-2902

MEDIUM
CVSS:5.3(Medium)

zxpdf in xpdf before 3.02-19 as packaged in Debian unstable and 3.02-12+squeeze1 as packaged in Debian squeeze deletes temporary files insecurely, which allows remote attackers to delete arbitrary fil...

CWE-202011

CVE-2013-4101

MEDIUM
CVSS:5.3(Medium)

Cryptocat before 2.0.22 Link Markup Decorator HTML Handling Weakness

CWE-202013

CVE-2014-0091

MEDIUM
CVSS:5.3(Medium)

Foreman has improper input validation which could lead to partial Denial of Service

CWE-202014

CVE-2014-1935

MEDIUM
CVSS:5.3(Medium)

9base 1:6-6 and 1:6-7 insecurely creates temporary files which results in predictable filenames.

CWE-202014