CVE-2021-38447

HIGH

OCI OpenDDS <3.18.1 - DoS

Title source: llm

Description

OCI OpenDDS versions prior to 3.18.1 are vulnerable when an attacker sends a specially crafted packet to flood target devices with unwanted traffic, which may result in a denial-of-service condition.

References (2)

[Third Party Advisory, US Government Resource] https://www.cisa.gov/uscert/ics/advisories/icsa-21-315-02

[Product] https://opendds.org/

Scores

CVSS v3 8.6

EPSS 0.0010

EPSS Percentile 26.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-405

Status published

Products (1)

objectcomputing/opendds < 3.18.1

Published May 05, 2022

Tracked Since Feb 18, 2026