Search for vulnerabilities
Vulnerability details: VCID-6qjg-v45t-aaam
Vulnerability ID VCID-6qjg-v45t-aaam
Aliases CVE-2021-22925
Summary curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending `NEW_ENV` variables, libcurlcould be made to pass on uninitialized data from a stack based buffer to theserver. Therefore potentially revealing sensitive internal information to theserver using a clear-text network protocol.This could happen because curl did not call and use sscanf() correctly whenparsing the string provided by the application.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-908 Use of Uninitialized Resource
CWE-457 Use of Uninitialized Variable
System Score Found at
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-22925.html
rhas Moderate https://access.redhat.com/errata/RHSA-2021:4511
cvssv3 3.1 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22925.json
epss 0.00215 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00215 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00215 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00297 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00297 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00297 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00308 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00312 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00312 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00312 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00312 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00312 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00312 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00312 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00312 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00312 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00312 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00312 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00312 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00312 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00312 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00312 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00312 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00312 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00313 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00313 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00313 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00313 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00313 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00313 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00313 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00313 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00313 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00313 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.0043 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.0043 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.0043 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.0043 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.0043 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.0043 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.0043 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00453 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00549 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00549 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00549 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00549 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
epss 0.00708 https://api.first.org/data/v1/epss?cve=CVE-2021-22925
rhbs low https://bugzilla.redhat.com/show_bug.cgi?id=1970902
cvssv3.1 8.2 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
generic_textual HIGH https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
cvssv3.1 Medium https://curl.se/docs/CVE-2021-22925.html
generic_textual Medium https://curl.se/docs/CVE-2021-22925.html
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22925
cvssv3.1 4.3 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2021-22925
cvssv3 5.3 https://nvd.nist.gov/vuln/detail/CVE-2021-22925
cvssv3.1 5.3 https://nvd.nist.gov/vuln/detail/CVE-2021-22925
archlinux Medium https://security.archlinux.org/AVG-2194
archlinux Medium https://security.archlinux.org/AVG-2195
archlinux Medium https://security.archlinux.org/AVG-2196
archlinux Medium https://security.archlinux.org/AVG-2197
archlinux Medium https://security.archlinux.org/AVG-2198
archlinux Medium https://security.archlinux.org/AVG-2199
generic_textual Medium https://ubuntu.com/security/notices/USN-5021-1
cvssv3.1 6.6 https://www.oracle.com/security-alerts/cpujan2022.html
generic_textual MODERATE https://www.oracle.com/security-alerts/cpujan2022.html
cvssv3.1 8.2 https://www.oracle.com/security-alerts/cpuoct2021.html
generic_textual HIGH https://www.oracle.com/security-alerts/cpuoct2021.html
Reference id Reference type URL
http://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-22925.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22925.json
https://api.first.org/data/v1/epss?cve=CVE-2021-22925
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
https://curl.se/docs/CVE-2021-22925.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22925
http://seclists.org/fulldisclosure/2021/Sep/39
http://seclists.org/fulldisclosure/2021/Sep/40
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://hackerone.com/reports/1223882
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/
https://security.gentoo.org/glsa/202212-01
https://security.netapp.com/advisory/ntap-20210902-0003/
https://support.apple.com/kb/HT212804
https://support.apple.com/kb/HT212805
https://ubuntu.com/security/notices/USN-5021-1
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
1970902 https://bugzilla.redhat.com/show_bug.cgi?id=1970902
ASA-202107-59 https://security.archlinux.org/ASA-202107-59
ASA-202107-60 https://security.archlinux.org/ASA-202107-60
ASA-202107-61 https://security.archlinux.org/ASA-202107-61
ASA-202107-62 https://security.archlinux.org/ASA-202107-62
ASA-202107-63 https://security.archlinux.org/ASA-202107-63
ASA-202107-64 https://security.archlinux.org/ASA-202107-64
AVG-2194 https://security.archlinux.org/AVG-2194
AVG-2195 https://security.archlinux.org/AVG-2195
AVG-2196 https://security.archlinux.org/AVG-2196
AVG-2197 https://security.archlinux.org/AVG-2197
AVG-2198 https://security.archlinux.org/AVG-2198
AVG-2199 https://security.archlinux.org/AVG-2199
cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*
cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*
cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*
cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:11.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:11.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:11.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:11.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:11.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:11.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:11.1.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:11.1.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:11.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:11.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:11.2.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:11.2.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:11.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:11.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:11.3.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:11.3.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:11.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:11.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:11.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:11.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
CVE-2021-22925 https://nvd.nist.gov/vuln/detail/CVE-2021-22925
RHSA-2021:4511 https://access.redhat.com/errata/RHSA-2021:4511
USN-5021-1 https://usn.ubuntu.com/5021-1/
USN-5021-2 https://usn.ubuntu.com/5021-2/
USN-5894-1 https://usn.ubuntu.com/5894-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22925.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N Found at https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2021-22925
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2021-22925
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2021-22925
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Found at https://www.oracle.com/security-alerts/cpujan2022.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N Found at https://www.oracle.com/security-alerts/cpuoct2021.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.41259
EPSS Score 0.00215
Published At April 8, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.