Rewterz Threat Advisory – CVE-2021-25646 – Apache Druid code execution
February 1, 2021Rewterz Threat Alert – Nanocore – Active IoCs
February 1, 2021Rewterz Threat Advisory – CVE-2021-25646 – Apache Druid code execution
February 1, 2021Rewterz Threat Alert – Nanocore – Active IoCs
February 1, 2021Severity
Low
Analysis Summary
CVE-2021-25226
Trend Micro ServerProtect for Linux is vulnerable to a denial of service, caused by a flaw in the vsapiapp executable. By persuading a victim to open a specially-crafted content, a remote attacker could exploit this vulnerability to cause a memory exhaustion.
Impact
Denial of service
Affected Vendors
Trend Micro
Affected Products
Trend Micro ServerProtect for Linux 3.0
Remediation
Refer to Trend Micro Security Bulletin: 000284207 for patch, upgrade or suggested workaround information.