CVE-2021-31228

HIGH

HCC embedded InterNiche 4.0.1 - SSRF

Title source: llm

Description

An issue was discovered in HCC embedded InterNiche 4.0.1. This vulnerability allows the attacker to predict a DNS query's source port in order to send forged DNS response packets that will be accepted as valid answers to the DNS client's requests (without sniffing the specific request). Data is predictable because it is based on the time of day, and has too few bits.

References (2)

[Mitigation, Third Party Advisory] https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/

[Third Party Advisory, US Government Resource] https://www.kb.cert.org/vuls/id/608209

Scores

CVSS v3 7.5

EPSS 0.0028

EPSS Percentile 51.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

CWE

CWE-330

Status published

Products (1)

hcc-embedded/nichestack < 4.3

Published Aug 19, 2021

Tracked Since Feb 18, 2026