PT-2022-12308 · Coins · Coins Construction Cloud
Jürgen Zöller
·
Published
2022-01-24
·
Updated
2023-10-18
·
CVE-2021-45223
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
COINS Construction Cloud version 11.12
Description
The issue is related to insufficient input neutralization, making it vulnerable to denial of service attacks via forced server crashes.
Recommendations
For COINS Construction Cloud version 11.12, consider implementing proper input validation and neutralization to prevent forced server crashes. As a temporary workaround, restrict access to sensitive inputs that could cause server crashes until a patch is available.
Exploit
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Coins Construction Cloud