Vulnerability Details CVE-2021-38311
In Contiki 3.0, potential nonterminating acknowledgment loops exist in the Telnet service. When the negotiated options are already disabled, servers still respond to DONT and WONT requests with WONT or DONT commands, which may lead to infinite acknowledgment loops, denial of service, and excessive CPU consumption.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 51.0%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 4.3
References
Products affected by CVE-2021-38311
-
cpe:2.3:o:contiki-os:contiki:3.0