CVE-2021-47895
Buffer Overflow in Nsauditor 3.2.2.0 Causes Denial of Service
Publication date: 2026-01-23
Last updated on: 2026-02-11
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nsasoft | nsauditor | 3.2.2.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-770 | The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2021-47895 is a Denial of Service (DoS) vulnerability in Nsauditor version 3.2.2.0. It occurs because the application does not limit the size of input in the Event Description field. An attacker can paste a very large buffer (for example, 10,000 characters of 'U') into this field, which causes the application to crash or become unresponsive. [1, 2]
How can this vulnerability impact me? :
This vulnerability can cause the Nsauditor application to crash or become unresponsive, resulting in a denial of service. This means legitimate users may be unable to use the application while it is crashed, potentially disrupting security event monitoring or other functions provided by the software. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by attempting to reproduce the denial of service condition on the Nsauditor 3.2.2.0 application. Specifically, create a large buffer of 10,000 'U' characters (for example, using a Python script to generate a text file with this content), then copy and paste this buffer into the Event Description field within the Security Events configuration of the application. If the application crashes or becomes unresponsive, the vulnerability is present. There are no specific network detection commands since the attack requires local user interaction and local access. [2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include avoiding pasting or entering excessively large inputs (such as 10,000-character strings) into the Event Description field in Nsauditor 3.2.2.0. Restrict local user access to trusted users only, and monitor for unusual application crashes. Additionally, check for any available patches or updates from the vendor to address this denial of service vulnerability. [1, 2]