VulnerableCode Vulnerability Details

System	Score	Found at
rhas	Important	https://access.redhat.com/errata/RHSA-2021:3466
rhas	Important	https://access.redhat.com/errata/RHSA-2021:3467
rhas	Important	https://access.redhat.com/errata/RHSA-2021:3468
rhas	Important	https://access.redhat.com/errata/RHSA-2021:3471
rhas	Important	https://access.redhat.com/errata/RHSA-2021:3516
rhas	Moderate	https://access.redhat.com/errata/RHSA-2021:3534
rhas	Important	https://access.redhat.com/errata/RHSA-2021:3656
rhas	Important	https://access.redhat.com/errata/RHSA-2021:3658
rhas	Important	https://access.redhat.com/errata/RHSA-2021:3660
rhas	Critical	https://access.redhat.com/errata/RHSA-2021:5134
rhas	Important	https://access.redhat.com/errata/RHSA-2022:1179
cvssv3	5.9	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3597.json
epss	0.00084	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00084	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00084	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00084	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00084	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00084	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00084	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00084	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00091	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00091	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00091	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00091	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00091	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00091	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00091	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00091	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00091	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00091	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00091	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00091	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00091	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00091	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00091	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00092	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00146	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00146	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00148	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00148	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00148	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00148	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00148	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00148	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00148	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00148	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00148	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00148	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00148	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.0017	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.0017	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.0017	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.0017	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.0017	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.0017	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.0017	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.0017	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00198	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
epss	0.00464	https://api.first.org/data/v1/epss?cve=CVE-2021-3597
rhbs	medium	https://bugzilla.redhat.com/show_bug.cgi?id=1970930
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-mfhv-gwf8-4m88
cvssv3.1	7.5	https://github.com/undertow-io/undertow
generic_textual	HIGH	https://github.com/undertow-io/undertow
cvssv2	2.6	https://nvd.nist.gov/vuln/detail/CVE-2021-3597
cvssv3	5.9	https://nvd.nist.gov/vuln/detail/CVE-2021-3597
cvssv3.1	5.9	https://nvd.nist.gov/vuln/detail/CVE-2021-3597
cvssv3.1	5.9	https://security.netapp.com/advisory/ntap-20220804-0003
generic_textual	MODERATE	https://security.netapp.com/advisory/ntap-20220804-0003

System

Score

Found at

rhas

Important

https://access.redhat.com/errata/RHSA-2021:3466

rhas

Important

https://access.redhat.com/errata/RHSA-2021:3467

rhas

Important

https://access.redhat.com/errata/RHSA-2021:3468

rhas

Important

https://access.redhat.com/errata/RHSA-2021:3471

rhas

Important

https://access.redhat.com/errata/RHSA-2021:3516

rhas

Moderate

https://access.redhat.com/errata/RHSA-2021:3534

rhas

Important

https://access.redhat.com/errata/RHSA-2021:3656

rhas

Important

https://access.redhat.com/errata/RHSA-2021:3658

rhas

Important

https://access.redhat.com/errata/RHSA-2021:3660

rhas

Critical

https://access.redhat.com/errata/RHSA-2021:5134

rhas

Important

https://access.redhat.com/errata/RHSA-2022:1179

cvssv3

5.9

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3597.json

epss

0.00084

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00084

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00084

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00084

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00084

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00084

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00084

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00084

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00091

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00091

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00091

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00091

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00091

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00091

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00091

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00091

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00091

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00091

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00091

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00091

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00091

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00091

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00091

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00092

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00146

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00146

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00148

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00148

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00148

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00148

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00148

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00148

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00148

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00148

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00148

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00148

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00148

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.0017

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.0017

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.0017

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.0017

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.0017

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.0017

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.0017

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.0017

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00198

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

epss

0.00464

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

rhbs

medium

https://bugzilla.redhat.com/show_bug.cgi?id=1970930

cvssv3.1_qr

MODERATE

https://github.com/advisories/GHSA-mfhv-gwf8-4m88

cvssv3.1

7.5

https://github.com/undertow-io/undertow

generic_textual

HIGH

https://github.com/undertow-io/undertow

cvssv2

2.6

https://nvd.nist.gov/vuln/detail/CVE-2021-3597

cvssv3

5.9

https://nvd.nist.gov/vuln/detail/CVE-2021-3597

cvssv3.1

5.9

https://nvd.nist.gov/vuln/detail/CVE-2021-3597

cvssv3.1

5.9

https://security.netapp.com/advisory/ntap-20220804-0003

generic_textual

MODERATE

https://security.netapp.com/advisory/ntap-20220804-0003

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3597.json
		https://api.first.org/data/v1/epss?cve=CVE-2021-3597
		https://github.com/undertow-io/undertow
		https://security.netapp.com/advisory/ntap-20220804-0003
		https://security.netapp.com/advisory/ntap-20220804-0003/
1970930		https://bugzilla.redhat.com/show_bug.cgi?id=1970930
989861		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989861
cpe:2.3:a:netapp:active_iq_unified_manager:-:::::linux::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:::::linux::
cpe:2.3:a:netapp:active_iq_unified_manager:-:::::vmware_vsphere::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:::::vmware_vsphere::
cpe:2.3:a:netapp:active_iq_unified_manager:-:::::windows::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:::::windows::
cpe:2.3:a:netapp:oncommand_insight:-:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_insight:-:::::::*
cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*
cpe:2.3:a:redhat:fuse:1.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:fuse:1.0:::::::*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:-::::text-only:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:-::::text-only:::
cpe:2.3:a:redhat:openshift_application_runtimes:-::::text-only:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_application_runtimes:-::::text-only:::
cpe:2.3:a:redhat:single_sign-on:-::::text-only:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:single_sign-on:-::::text-only:::
cpe:2.3:a:redhat:undertow::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:undertow::::::::
cpe:2.3:a:redhat:undertow:2.0.35:-::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:undertow:2.0.35:-::::::
cpe:2.3:a:redhat:undertow:2.0.36:-::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:undertow:2.0.36:-::::::
cpe:2.3:a:redhat:undertow:2.0.39:-::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:undertow:2.0.39:-::::::
cpe:2.3:a:redhat:undertow:2.2.6:-::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:undertow:2.2.6:-::::::
cpe:2.3:a:redhat:undertow:2.2.7:-::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:undertow:2.2.7:-::::::
cpe:2.3:a:redhat:undertow:2.2.9:-::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:undertow:2.2.9:-::::::
CVE-2021-3597		https://nvd.nist.gov/vuln/detail/CVE-2021-3597
GHSA-mfhv-gwf8-4m88		https://github.com/advisories/GHSA-mfhv-gwf8-4m88
RHSA-2021:3466		https://access.redhat.com/errata/RHSA-2021:3466
RHSA-2021:3467		https://access.redhat.com/errata/RHSA-2021:3467
RHSA-2021:3468		https://access.redhat.com/errata/RHSA-2021:3468
RHSA-2021:3471		https://access.redhat.com/errata/RHSA-2021:3471
RHSA-2021:3516		https://access.redhat.com/errata/RHSA-2021:3516
RHSA-2021:3534		https://access.redhat.com/errata/RHSA-2021:3534
RHSA-2021:3656		https://access.redhat.com/errata/RHSA-2021:3656
RHSA-2021:3658		https://access.redhat.com/errata/RHSA-2021:3658
RHSA-2021:3660		https://access.redhat.com/errata/RHSA-2021:3660
RHSA-2021:5134		https://access.redhat.com/errata/RHSA-2021:5134
RHSA-2022:1179		https://access.redhat.com/errata/RHSA-2022:1179

Reference id

Reference type

URL

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3597.json

https://api.first.org/data/v1/epss?cve=CVE-2021-3597

https://github.com/undertow-io/undertow

https://security.netapp.com/advisory/ntap-20220804-0003

https://security.netapp.com/advisory/ntap-20220804-0003/

1970930

https://bugzilla.redhat.com/show_bug.cgi?id=1970930

989861

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989861

cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*

cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*

cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*

cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*

cpe:2.3:a:redhat:fuse:1.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:fuse:1.0:*:*:*:*:*:*:*

cpe:2.3:a:redhat:jboss_enterprise_application_platform:-:*:*:*:text-only:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:-:*:*:*:text-only:*:*:*

cpe:2.3:a:redhat:openshift_application_runtimes:-:*:*:*:text-only:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_application_runtimes:-:*:*:*:text-only:*:*:*

cpe:2.3:a:redhat:single_sign-on:-:*:*:*:text-only:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:single_sign-on:-:*:*:*:text-only:*:*:*

cpe:2.3:a:redhat:undertow:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:undertow:*:*:*:*:*:*:*:*

cpe:2.3:a:redhat:undertow:2.0.35:-:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:undertow:2.0.35:-:*:*:*:*:*:*

cpe:2.3:a:redhat:undertow:2.0.36:-:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:undertow:2.0.36:-:*:*:*:*:*:*

cpe:2.3:a:redhat:undertow:2.0.39:-:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:undertow:2.0.39:-:*:*:*:*:*:*

cpe:2.3:a:redhat:undertow:2.2.6:-:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:undertow:2.2.6:-:*:*:*:*:*:*

cpe:2.3:a:redhat:undertow:2.2.7:-:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:undertow:2.2.7:-:*:*:*:*:*:*

cpe:2.3:a:redhat:undertow:2.2.9:-:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:undertow:2.2.9:-:*:*:*:*:*:*

CVE-2021-3597

https://nvd.nist.gov/vuln/detail/CVE-2021-3597

GHSA-mfhv-gwf8-4m88

https://github.com/advisories/GHSA-mfhv-gwf8-4m88

RHSA-2021:3466

https://access.redhat.com/errata/RHSA-2021:3466

RHSA-2021:3467

https://access.redhat.com/errata/RHSA-2021:3467

RHSA-2021:3468

https://access.redhat.com/errata/RHSA-2021:3468

RHSA-2021:3471

https://access.redhat.com/errata/RHSA-2021:3471

RHSA-2021:3516

https://access.redhat.com/errata/RHSA-2021:3516

RHSA-2021:3534

https://access.redhat.com/errata/RHSA-2021:3534

RHSA-2021:3656

https://access.redhat.com/errata/RHSA-2021:3656

RHSA-2021:3658

https://access.redhat.com/errata/RHSA-2021:3658

RHSA-2021:3660

https://access.redhat.com/errata/RHSA-2021:3660

RHSA-2021:5134

https://access.redhat.com/errata/RHSA-2021:5134

RHSA-2022:1179

https://access.redhat.com/errata/RHSA-2022:1179

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3597.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/undertow-io/undertow

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2021-3597

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2021-3597

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2021-3597

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://security.netapp.com/advisory/ntap-20220804-0003

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.

There are no relevant records.

Vulnerability ID	VCID-b1av-s4ht-aaan
Aliases	CVE-2021-3597 GHSA-mfhv-gwf8-4m88
Summary	Race condition in undertow
Status	Published
Exploitability	0.5
Weighted Severity	9.0
Risk	4.5
Affected and Fixed Packages	Package Details

CWE-362	Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

Percentile	0.21883
EPSS Score	0.00084
Published At	April 2, 2025, 12:55 p.m.