What is the CVSS score of CVE-2021-47895?

CVE-2021-47895 has a CVSS 3.1 base score of 7.5 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. EPSS exploitation probability: 0.1%.

Which versions of Nsauditor are affected by CVE-2021-47895?

Nsauditor versions up to 3.2.2.0 contain a denial-of-service vulnerability that allows attackers to exhaust system resources without limits, potentially disrupting critical network auditing…

Is there a public PoC exploit available for CVE-2021-47895?

Yes, a public proof-of-concept exploit is available for CVE-2021-47895. Prioritise patching immediately. EPSS: 0.1%.

How to fix or mitigate CVE-2021-47895?

Within 24 hours: Identify all systems running Nsauditor up to version 3.2.2.0 and document their criticality to business operations. Within 7 days: Implement network segmentation to restrict access to Nsauditor instances to authorized users only, and disable remote access where feasible. Within 30 days: Contact the vendor for patched version availability, evaluate upgrade feasibility, or transition to alternative auditing solutions if patches remain unavailable.

Nsauditor CVE-2021-47895

HIGH

Allocation of Resources Without Limits or Throttling (CWE-770)

2026-01-23 disclosure@vulncheck.com

Denial Of Service Nsauditor

7.5

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

7.5 HIGH

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:54 vuln.today

PoC Detected

Feb 11, 2026 - 19:39 vuln.today

Public exploit code

CVE Published

Jan 23, 2026 - 17:15 nvd

HIGH 7.5

DescriptionCVE.org

Nsauditor 3.2.2.0 contains a denial of service vulnerability that allows attackers to crash the application by overwriting the Event Description field with a large buffer. Attackers can generate a 10,000-character 'U' buffer and paste it into the Event Description field to trigger an application crash.

AnalysisAI

Nsauditor versions up to 3.2.2.0 is affected by allocation of resources without limits or throttling (CVSS 7.5).

Technical ContextAI

This vulnerability (CWE-770: Allocation of Resources Without Limits or Throttling) affects Nsauditor. Nsauditor 3.2.2.0 contains a denial of service vulnerability that allows attackers to crash the application by overwriting the Event Description field with a large buffer. Attackers can generate a 10,000-character 'U' buffer and paste it into the Event Description field to trigger an application crash.

RemediationAI

Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.

CVE-2021-47895 vulnerability details – vuln.today

Back

Nsauditor CVE-2021-47895

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code