CVE-2021-32971

HIGH7.5JSON export Create alert

Description

Null pointer dereference in SuiteLink server while processing command 0x07

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Affected products

AVEVA Software, LLC / AVEVA Batch Management 2020unspecified – 2020
AVEVA Software, LLC / AVEVA Communication Drivers Pack 2020unspecified – R2
AVEVA Software, LLC / AVEVA Historian 2020unspecified – R2 P01
AVEVA Software, LLC / AVEVA InTouch 2020unspecified – R2 P01
AVEVA Software, LLC / AVEVA MES 2014unspecified – R2
AVEVA Software, LLC / AVEVA System Platform 2020unspecified – R2 P01

References

MISChttps://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2021-003.pdf