CVE-2021-45918

NHI’s health insurance web service component has insufficient validation for input string length, which can result in heap-based buffer overflow attack. A remote attacker can exploit this vulnerability to flood the memory space reserved for the program, in order to terminate service without authentication, which requires a system restart to recover service.
Configurations

Configuration 1 (hide)

cpe:2.3:a:nhi:health_insurance_web_service_component:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-06-20 06:15

Updated : 2024-11-21 06:33


NVD link : CVE-2021-45918

Mitre link : CVE-2021-45918

CVE.ORG link : CVE-2021-45918


JSON object : View

Products Affected

nhi

  • health_insurance_web_service_component
CWE
CWE-122

Heap-based Buffer Overflow

CWE-1284

Improper Validation of Specified Quantity in Input