Search for vulnerabilities
Vulnerability details: VCID-6qfj-c85d-v3ap
Vulnerability ID VCID-6qfj-c85d-v3ap
Aliases CVE-2021-20316
Summary samba: Symlink race error can allow metadata read and modify outside of the exported share
Status Published
Exploitability 0.5
Weighted Severity 6.1
Risk 3.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
System Score Found at
cvssv3 5.9 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20316.json
epss 0.00471 https://api.first.org/data/v1/epss?cve=CVE-2021-20316
epss 0.00471 https://api.first.org/data/v1/epss?cve=CVE-2021-20316
epss 0.00471 https://api.first.org/data/v1/epss?cve=CVE-2021-20316
epss 0.00471 https://api.first.org/data/v1/epss?cve=CVE-2021-20316
epss 0.00471 https://api.first.org/data/v1/epss?cve=CVE-2021-20316
epss 0.00471 https://api.first.org/data/v1/epss?cve=CVE-2021-20316
epss 0.00471 https://api.first.org/data/v1/epss?cve=CVE-2021-20316
epss 0.00471 https://api.first.org/data/v1/epss?cve=CVE-2021-20316
epss 0.00471 https://api.first.org/data/v1/epss?cve=CVE-2021-20316
epss 0.00471 https://api.first.org/data/v1/epss?cve=CVE-2021-20316
epss 0.00471 https://api.first.org/data/v1/epss?cve=CVE-2021-20316
epss 0.00471 https://api.first.org/data/v1/epss?cve=CVE-2021-20316
epss 0.00471 https://api.first.org/data/v1/epss?cve=CVE-2021-20316
epss 0.00471 https://api.first.org/data/v1/epss?cve=CVE-2021-20316
epss 0.00471 https://api.first.org/data/v1/epss?cve=CVE-2021-20316
epss 0.00471 https://api.first.org/data/v1/epss?cve=CVE-2021-20316
epss 0.00471 https://api.first.org/data/v1/epss?cve=CVE-2021-20316
epss 0.00504 https://api.first.org/data/v1/epss?cve=CVE-2021-20316
epss 0.00504 https://api.first.org/data/v1/epss?cve=CVE-2021-20316
epss 0.00504 https://api.first.org/data/v1/epss?cve=CVE-2021-20316
epss 0.00504 https://api.first.org/data/v1/epss?cve=CVE-2021-20316
epss 0.00504 https://api.first.org/data/v1/epss?cve=CVE-2021-20316
epss 0.00504 https://api.first.org/data/v1/epss?cve=CVE-2021-20316
epss 0.00504 https://api.first.org/data/v1/epss?cve=CVE-2021-20316
cvssv3.1 5.9 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 6.8 https://nvd.nist.gov/vuln/detail/CVE-2021-20316
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20316.json
https://access.redhat.com/security/cve/CVE-2021-20316
https://api.first.org/data/v1/epss?cve=CVE-2021-20316
https://bugzilla.samba.org/show_bug.cgi?id=14842
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20316
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://security-tracker.debian.org/tracker/CVE-2021-20316
https://www.samba.org/samba/security/CVE-2021-20316.html
1004690 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004690
2009673 https://bugzilla.redhat.com/show_bug.cgi?id=2009673
cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_aus:8.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_aus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_tus:8.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.6:*:*:*:*:*:*:*
CVE-2021-20316 https://nvd.nist.gov/vuln/detail/CVE-2021-20316
RHSA-2022:1756 https://access.redhat.com/errata/RHSA-2022:1756
RHSA-2022:2074 https://access.redhat.com/errata/RHSA-2022:2074
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20316.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2021-20316
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.63613
EPSS Score 0.00471
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T10:13:03.580310+00:00 RedHat Importer Import https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20316.json 37.0.0