Vulnerability details: VCID-98m9-ft46-aaah
Vulnerability ID VCID-98m9-ft46-aaah
Aliases CVE-2021-41089
GHSA-v994-f8vw-g7j4
Summary Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where attempting to copy files using `docker cp` into a specially-crafted container can result in Unix file permission changes for existing files in the host’s filesystem, widening access to others. This bug does not directly allow files to be read, modified, or executed without an additional cooperating process. This bug has been fixed in Moby (Docker Engine) 20.10.9. Users should update to this version as soon as possible. Running containers do not need to be restarted.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (2)
System Score Found at
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-41089.html
rhas Important https://access.redhat.com/errata/RHSA-2022:0735
cvssv3 5.3 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41089.json
epss 0.00033 https://api.first.org/data/v1/epss?cve=CVE-2021-41089
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2021-41089
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2021-41089
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=2008592
cvssv3.1 5.9 https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf
generic_textual MODERATE https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41089
cvssv3.1 3.6 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 9.9 https://github.com/moby/moby
generic_textual CRITICAL https://github.com/moby/moby
cvssv3.1 2.8 https://github.com/moby/moby/commit/bce32e5c93be4caf1a592582155b9cb837fc129a
generic_textual LOW https://github.com/moby/moby/commit/bce32e5c93be4caf1a592582155b9cb837fc129a
cvssv3.1 2.8 https://github.com/moby/moby/security/advisories/GHSA-v994-f8vw-g7j4
generic_textual LOW https://github.com/moby/moby/security/advisories/GHSA-v994-f8vw-g7j4
cvssv3.1 5.9 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB
generic_textual MODERATE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB
cvssv3.1 5.9 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB
generic_textual MODERATE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB
cvssv2 4.4 https://nvd.nist.gov/vuln/detail/CVE-2021-41089
cvssv3 6.3 https://nvd.nist.gov/vuln/detail/CVE-2021-41089
cvssv3.1 6.3 https://nvd.nist.gov/vuln/detail/CVE-2021-41089
cvssv3.1 2.8 https://pkg.go.dev/vuln/GO-2024-2913
generic_textual LOW https://pkg.go.dev/vuln/GO-2024-2913
archlinux Medium https://security.archlinux.org/AVG-2440
generic_textual Medium https://ubuntu.com/security/notices/USN-5103-1
Reference id Reference type URL
http://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-41089.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41089.json
https://api.first.org/data/v1/epss?cve=CVE-2021-41089
https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41089
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://github.com/moby/moby
https://github.com/moby/moby/commit/bce32e5c93be4caf1a592582155b9cb837fc129a
https://github.com/moby/moby/security/advisories/GHSA-v994-f8vw-g7j4
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/
https://pkg.go.dev/vuln/GO-2024-2913
https://ubuntu.com/security/notices/USN-5103-1
2008592 https://bugzilla.redhat.com/show_bug.cgi?id=2008592
AVG-2440 https://security.archlinux.org/AVG-2440
cpe:2.3:a:mobyproject:moby:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mobyproject:moby:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
CVE-2021-41089 https://nvd.nist.gov/vuln/detail/CVE-2021-41089
GLSA-202409-29 https://security.gentoo.org/glsa/202409-29
RHSA-2022:0735 https://access.redhat.com/errata/RHSA-2022:0735
USN-5103-1 https://usn.ubuntu.com/5103-1/
No exploits are available.
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41089.json
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Found at https://github.com/moby/moby
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N Found at https://github.com/moby/moby/commit/bce32e5c93be4caf1a592582155b9cb837fc129a
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N Found at https://github.com/moby/moby/security/advisories/GHSA-v994-f8vw-g7j4
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB
Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2021-41089
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L Found at https://nvd.nist.gov/vuln/detail/CVE-2021-41089
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N Found at https://pkg.go.dev/vuln/GO-2024-2913
Exploit Prediction Scoring System (EPSS)
Percentile 0.0618
EPSS Score 0.00033
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.