CVE-2021-31986

MEDIUM

Axis OS < 10.7 - Out-of-Bounds Write

Title source: rule
STIX 2.1

Description

User controlled parameters related to SMTP notifications are not correctly validated. This can lead to a buffer overflow resulting in crashes and data leakage.

References (1)

Core 1
Core References

Scores

CVSS v3 6.8
EPSS 0.0058
EPSS Percentile 69.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:H

Details

CWE
CWE-122 CWE-787
Status published
Products (4)
axis/axis_os < 10.7
axis/axis_os_2016 < 6.50.5.5
axis/axis_os_2018 < 8.40.4.3
axis/axis_os_2020 < 9.80.3.5
Published Oct 05, 2021
Tracked Since Feb 18, 2026