EMQ X Broker up to 4.2.7 memory allocation [CVE-2021-33175]

A vulnerability classified as problematic has been found in EMQ X Broker up to 4.2.7. Affected is an unknown code. Upgrading to version 4.2.8 eliminates this vulnerability.

Affected software

EMQ X versions prior to 4.2.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/RL:O/RC:C

Base Score: 8.6 (high)
Attack Vector (AV): Network
Attack Complexity (AC): Low

Mitigation

Upgrade to EMQ X version 4.2.8 or later.

Contact us to get started

CVE-2024-20418 : CISCO IOS XE CONTROLLER WEB-BASED MANAGEMENT INTERFACE COMMAND INJECTION

Description A vulnerability in the web-based management interface of Cisco Unified Industrial Wireless Software for Cisco Ultra-Reliable Wireless Backhaul (URWB)

Learn more

CVE-2024-20536 : CISCO DATA CENTER NETWORK MANAGER 12.1.2E/12.1.2P/12.1.3B WEB-BASED MANAGEMENT INTERFACE/REST API ENDPOINT SQL INJECTION

Description A vulnerability in a REST API endpoint and web-based management interface of Cisco Nexus Dashboard Fabric Controller (NDFC) could

Learn more

CVE-2024-50340 : SYMFONY INJECTION

Description symfony/runtime is a module for the Symphony PHP framework which enables decoupling PHP applications from global state. When the

Learn more