CVE-2021-4467

Positive Technologies MaxPatrol 8 and XSpider contain a remote denial-of-service vulnerability in the client communication service on TCP port 2002. The service generates a new session identifier for each incoming connection without adequately limiting concurrent requests. An unauthenticated remote attacker can repeatedly issue HTTPS requests to the service, causing excessive allocation of session identifiers. Under load, session identifier collisions may occur, forcing active client sessions to disconnect and resulting in service disruption.

CVSS

No CVSS.

References

Link	Resource
https://cxsecurity.com/issue/WLB-2021090114
https://vulners.com/zdt/1337DAY-ID-36775
https://www.ptsecurity.com/
https://www.vulncheck.com/advisories/positive-technologies-maxpatrol-8-and-xspider-remote-dos
https://cxsecurity.com/issue/WLB-2021090114
https://vulners.com/zdt/1337DAY-ID-36775

Configurations

No configuration.

History

18 Nov 2025, 17:15

Type	Values Removed	Values Added
References	~~() https://cxsecurity.com/issue/WLB-2021090114 -~~	() https://cxsecurity.com/issue/WLB-2021090114 -
References	~~() https://vulners.com/zdt/1337DAY-ID-36775 -~~	() https://vulners.com/zdt/1337DAY-ID-36775 -

14 Nov 2025, 23:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-11-14 23:15

Updated : 2025-11-18 17:15

NVD link : CVE-2021-4467

Mitre link : CVE-2021-4467

CVE.ORG link : CVE-2021-4467

JSON object : View

Products Affected

No product.

CWE

CWE-400

Uncontrolled Resource Consumption

{"id": "CVE-2021-4467", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.7, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-11-14T23:15:42.557", "references": [{"url": "https://cxsecurity.com/issue/WLB-2021090114", "source": "[email protected]"}, {"url": "https://vulners.com/zdt/1337DAY-ID-36775", "source": "[email protected]"}, {"url": "https://www.ptsecurity.com/", "source": "[email protected]"}, {"url": "https://www.vulncheck.com/advisories/positive-technologies-maxpatrol-8-and-xspider-remote-dos", "source": "[email protected]"}, {"url": "https://cxsecurity.com/issue/WLB-2021090114", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}, {"url": "https://vulners.com/zdt/1337DAY-ID-36775", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "Positive Technologies MaxPatrol 8 and XSpider contain a remote denial-of-service vulnerability in the client communication service on TCP port 2002. The service generates a new session identifier for each incoming connection without adequately limiting concurrent requests. An unauthenticated remote attacker can repeatedly issue HTTPS requests to the service, causing excessive allocation of session identifiers. Under load, session identifier collisions may occur, forcing active client sessions to disconnect and resulting in service disruption."}], "lastModified": "2025-11-18T17:15:57.190", "sourceIdentifier": "[email protected]"}