VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-9ruy-372r-aaas

Essentials
Severities (159)
References (95)
Severity details (65)
Exploits (0)
EPSS
History (0)

Vulnerability ID	VCID-9ruy-372r-aaas
Aliases	CVE-2021-23841 GHSA-84rm-qf37-fgc2 VC-OPENSSL-20210216-CVE-2021-23841
Summary	The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).
Status	Published
Exploitability	0.5
Weighted Severity	8.0
Risk	4.0
Affected and Fixed Packages	Package Details

Weaknesses (4)

CWE-476	NULL Pointer Dereference
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-190	Integer Overflow or Wraparound

System	Score	Found at
generic_textual	Medium	http://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-23841.html
rhas	Important	https://access.redhat.com/errata/RHSA-2021:1168
rhas	Important	https://access.redhat.com/errata/RHSA-2021:3016
rhas	Moderate	https://access.redhat.com/errata/RHSA-2021:3798
rhas	Moderate	https://access.redhat.com/errata/RHSA-2021:4198
rhas	Moderate	https://access.redhat.com/errata/RHSA-2021:4424
rhas	Moderate	https://access.redhat.com/errata/RHSA-2021:4613
rhas	Moderate	https://access.redhat.com/errata/RHSA-2021:4614
rhas	Important	https://access.redhat.com/errata/RHSA-2021:4861
rhas	Important	https://access.redhat.com/errata/RHSA-2021:4863
cvssv3	5.9	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23841.json
epss	0.00416	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00416	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00416	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00416	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00416	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00416	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00416	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00416	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00416	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00416	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00416	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00416	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00563	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00563	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00563	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00563	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00563	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.006	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.006	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.01707	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.01718	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.01718	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.02299	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.02662	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
rhbs	medium	https://bugzilla.redhat.com/show_bug.cgi?id=1930310
cvssv3.1	8.8	https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf
generic_textual	HIGH	https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf
generic_textual	Low	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551
generic_textual	Low	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841
cvssv3.1	5.9	http://seclists.org/fulldisclosure/2021/May/67
generic_textual	MODERATE	http://seclists.org/fulldisclosure/2021/May/67
cvssv3.1	5.9	http://seclists.org/fulldisclosure/2021/May/68
generic_textual	MODERATE	http://seclists.org/fulldisclosure/2021/May/68
cvssv3.1	5.9	http://seclists.org/fulldisclosure/2021/May/70
generic_textual	MODERATE	http://seclists.org/fulldisclosure/2021/May/70
cvssv3.1	5.9	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-84rm-qf37-fgc2
cvssv3.1	7.5	https://github.com/alexcrichton/openssl-src-rs
generic_textual	HIGH	https://github.com/alexcrichton/openssl-src-rs
cvssv3.1	5.9	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf
generic_textual	MODERATE	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf
cvssv3.1	7.5	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1
generic_textual	HIGH	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1
cvssv3.1	5.9	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807
generic_textual	MODERATE	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807
cvssv3.1	7.5	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2
generic_textual	HIGH	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2
cvssv3.1	7.5	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846
generic_textual	HIGH	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846
cvssv2	4.3	https://nvd.nist.gov/vuln/detail/CVE-2021-23841
cvssv3	5.9	https://nvd.nist.gov/vuln/detail/CVE-2021-23841
cvssv3.1	5.9	https://nvd.nist.gov/vuln/detail/CVE-2021-23841
cvssv3.1	5.9	https://rustsec.org/advisories/RUSTSEC-2021-0058
generic_textual	MODERATE	https://rustsec.org/advisories/RUSTSEC-2021-0058
cvssv3.1	5.9	https://rustsec.org/advisories/RUSTSEC-2021-0058.html
generic_textual	MODERATE	https://rustsec.org/advisories/RUSTSEC-2021-0058.html
archlinux	Medium	https://security.archlinux.org/AVG-1581
cvssv3.1	5.9	https://security.gentoo.org/glsa/202103-03
generic_textual	MODERATE	https://security.gentoo.org/glsa/202103-03
cvssv3.1	7.5	https://security.netapp.com/advisory/ntap-20210219-0009
generic_textual	HIGH	https://security.netapp.com/advisory/ntap-20210219-0009
cvssv3.1	5.9	https://security.netapp.com/advisory/ntap-20210513-0002
generic_textual	MODERATE	https://security.netapp.com/advisory/ntap-20210513-0002
cvssv3.1	5.9	https://support.apple.com/kb/HT212528
generic_textual	MODERATE	https://support.apple.com/kb/HT212528
cvssv3.1	5.9	https://support.apple.com/kb/HT212529
generic_textual	MODERATE	https://support.apple.com/kb/HT212529
cvssv3.1	5.9	https://support.apple.com/kb/HT212534
generic_textual	MODERATE	https://support.apple.com/kb/HT212534
generic_textual	Medium	https://ubuntu.com/security/notices/USN-4738-1
generic_textual	Medium	https://ubuntu.com/security/notices/USN-4745-1
cvssv3.1	7.5	https://www.debian.org/security/2021/dsa-4855
generic_textual	HIGH	https://www.debian.org/security/2021/dsa-4855
cvssv3.1	7.5	https://www.openssl.org/news/secadv/20210216.txt
generic_textual	HIGH	https://www.openssl.org/news/secadv/20210216.txt
cvssv3.1	7.5	https://www.oracle.com/security-alerts/cpuApr2021.html
generic_textual	HIGH	https://www.oracle.com/security-alerts/cpuApr2021.html
cvssv3.1	5.3	https://www.oracle.com/security-alerts/cpuapr2022.html
generic_textual	MODERATE	https://www.oracle.com/security-alerts/cpuapr2022.html
cvssv3.1	5.3	https://www.oracle.com//security-alerts/cpujul2021.html
generic_textual	MODERATE	https://www.oracle.com//security-alerts/cpujul2021.html
cvssv3.1	8.2	https://www.oracle.com/security-alerts/cpuoct2021.html
generic_textual	HIGH	https://www.oracle.com/security-alerts/cpuoct2021.html
cvssv3.1	7.5	https://www.tenable.com/security/tns-2021-03
generic_textual	HIGH	https://www.tenable.com/security/tns-2021-03
cvssv3.1	5.9	https://www.tenable.com/security/tns-2021-09
generic_textual	MODERATE	https://www.tenable.com/security/tns-2021-09

Reference id	Reference type	URL
		http://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-23841.html
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23841.json
		https://api.first.org/data/v1/epss?cve=CVE-2021-23841
		https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841
		http://seclists.org/fulldisclosure/2021/May/67
		http://seclists.org/fulldisclosure/2021/May/68
		http://seclists.org/fulldisclosure/2021/May/70
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://github.com/alexcrichton/openssl-src-rs
		https://github.com/openssl/openssl/commit/122a19ab48091c657f7cb1fb3af9fc07bd557bbf
		https://github.com/openssl/openssl/commit/8252ee4d90f3f2004d3d0aeeed003ad49c9a7807
		https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=122a19ab48091c657f7cb1fb3af9fc07bd557bbf
		https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807
		https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf
		https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1
		https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807
		https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2
		https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846
		https://rustsec.org/advisories/RUSTSEC-2021-0058
		https://rustsec.org/advisories/RUSTSEC-2021-0058.html
		https://security.gentoo.org/glsa/202103-03
		https://security.netapp.com/advisory/ntap-20210219-0009
		https://security.netapp.com/advisory/ntap-20210219-0009/
		https://security.netapp.com/advisory/ntap-20210513-0002
		https://security.netapp.com/advisory/ntap-20210513-0002/
		https://security.netapp.com/advisory/ntap-20240621-0006/
		https://support.apple.com/kb/HT212528
		https://support.apple.com/kb/HT212529
		https://support.apple.com/kb/HT212534
		https://ubuntu.com/security/notices/USN-4738-1
		https://ubuntu.com/security/notices/USN-4745-1
		https://www.debian.org/security/2021/dsa-4855
		https://www.openssl.org/news/secadv/20210216.txt
		https://www.oracle.com/security-alerts/cpuApr2021.html
		https://www.oracle.com/security-alerts/cpuapr2022.html
		https://www.oracle.com//security-alerts/cpujul2021.html
		https://www.oracle.com/security-alerts/cpuoct2021.html
		https://www.tenable.com/security/tns-2021-03
		https://www.tenable.com/security/tns-2021-09
1930310		https://bugzilla.redhat.com/show_bug.cgi?id=1930310
ASA-202102-42		https://security.archlinux.org/ASA-202102-42
AVG-1581		https://security.archlinux.org/AVG-1581
cpe:2.3:a:apple:safari::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari::::::::
cpe:2.3:a:netapp:oncommand_insight:-:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_insight:-:::::::*
cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*
cpe:2.3:a:netapp:snapcenter:-:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapcenter:-:::::::*
cpe:2.3:a:openssl:openssl::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl::::::::
cpe:2.3:a:oracle:business_intelligence:12.2.1.3.0::::enterprise:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_intelligence:12.2.1.3.0::::enterprise:::
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::
cpe:2.3:a:oracle:business_intelligence:5.5.0.0.0::::enterprise:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_intelligence:5.5.0.0.0::::enterprise:::
cpe:2.3:a:oracle:business_intelligence:5.9.0.0.0::::enterprise:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_intelligence:5.9.0.0.0::::enterprise:::
cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:::::::*
cpe:2.3:a:oracle:enterprise_manager_for_storage_management:13.4.0.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_for_storage_management:13.4.0.0:::::::*
cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:::::::*
cpe:2.3:a:oracle:essbase:21.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:essbase:21.2:::::::*
cpe:2.3:a:oracle:graalvm:19.3.5::::enterprise:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:19.3.5::::enterprise:::
cpe:2.3:a:oracle:graalvm:20.3.1.2::::enterprise:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.1.2::::enterprise:::
cpe:2.3:a:oracle:graalvm:21.0.0.2::::enterprise:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.0.0.2::::enterprise:::
cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:::::::*
cpe:2.3:a:oracle:mysql_enterprise_monitor::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_enterprise_monitor::::::::
cpe:2.3:a:oracle:mysql_server::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_server::::::::
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:::::::*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:::::::*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:::::::*
cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:::::::*
cpe:2.3:a:siemens:sinec_ins::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:siemens:sinec_ins::::::::
cpe:2.3:a:siemens:sinec_ins:1.0:-::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:siemens:sinec_ins:1.0:-::::::
cpe:2.3:a:siemens:sinec_ins:1.0:sp1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:siemens:sinec_ins:1.0:sp1::::::
cpe:2.3:a:tenable:nessus_network_monitor:5.11.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tenable:nessus_network_monitor:5.11.0:::::::*
cpe:2.3:a:tenable:nessus_network_monitor:5.11.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tenable:nessus_network_monitor:5.11.1:::::::*
cpe:2.3:a:tenable:nessus_network_monitor:5.12.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tenable:nessus_network_monitor:5.12.0:::::::*
cpe:2.3:a:tenable:nessus_network_monitor:5.12.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tenable:nessus_network_monitor:5.12.1:::::::*
cpe:2.3:a:tenable:nessus_network_monitor:5.13.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tenable:nessus_network_monitor:5.13.0:::::::*
cpe:2.3:a:tenable:tenable.sc::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tenable:tenable.sc::::::::
cpe:2.3:o:apple:ipad_os::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipad_os::::::::
cpe:2.3:o:apple:ipados::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipados::::::::
cpe:2.3:o:apple:iphone_os::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::
cpe:2.3:o:apple:macos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos::::::::
cpe:2.3:o:debian:debian_linux:10.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
CVE-2021-23841		https://nvd.nist.gov/vuln/detail/CVE-2021-23841
GHSA-84rm-qf37-fgc2		https://github.com/advisories/GHSA-84rm-qf37-fgc2
RHSA-2021:1168		https://access.redhat.com/errata/RHSA-2021:1168
RHSA-2021:3016		https://access.redhat.com/errata/RHSA-2021:3016
RHSA-2021:3798		https://access.redhat.com/errata/RHSA-2021:3798
RHSA-2021:4198		https://access.redhat.com/errata/RHSA-2021:4198
RHSA-2021:4424		https://access.redhat.com/errata/RHSA-2021:4424
RHSA-2021:4613		https://access.redhat.com/errata/RHSA-2021:4613
RHSA-2021:4614		https://access.redhat.com/errata/RHSA-2021:4614
RHSA-2021:4861		https://access.redhat.com/errata/RHSA-2021:4861
RHSA-2021:4863		https://access.redhat.com/errata/RHSA-2021:4863
USN-4738-1		https://usn.ubuntu.com/4738-1/
USN-4745-1		https://usn.ubuntu.com/4745-1/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23841.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://seclists.org/fulldisclosure/2021/May/67

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://seclists.org/fulldisclosure/2021/May/68

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://seclists.org/fulldisclosure/2021/May/70

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/alexcrichton/openssl-src-rs

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2021-23841

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2021-23841

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2021-23841

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://rustsec.org/advisories/RUSTSEC-2021-0058

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://rustsec.org/advisories/RUSTSEC-2021-0058.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://security.gentoo.org/glsa/202103-03

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://security.netapp.com/advisory/ntap-20210219-0009

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://security.netapp.com/advisory/ntap-20210513-0002

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://support.apple.com/kb/HT212528

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://support.apple.com/kb/HT212529

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://support.apple.com/kb/HT212534

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://www.debian.org/security/2021/dsa-4855

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://www.openssl.org/news/secadv/20210216.txt

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://www.oracle.com/security-alerts/cpuApr2021.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://www.oracle.com/security-alerts/cpuapr2022.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://www.oracle.com//security-alerts/cpujul2021.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N Found at https://www.oracle.com/security-alerts/cpuoct2021.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://www.tenable.com/security/tns-2021-03

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://www.tenable.com/security/tns-2021-09

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.74589
EPSS Score	0.00416
Published At	Nov. 1, 2024, midnight

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.