Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-pwxp-2dew-17h3
Vulnerability ID VCID-pwxp-2dew-17h3
Aliases CVE-2021-2388
Summary multiple issues
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-697 Incorrect Comparison
System Score Found at
cvssv3 7.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2388.json
epss 0.00805 https://api.first.org/data/v1/epss?cve=CVE-2021-2388
cvssv3.1 7.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 7.5 https://lists.debian.org/debian-lts-announce/2021/08/msg00011.html
ssvc Track https://lists.debian.org/debian-lts-announce/2021/08/msg00011.html
archlinux High https://security.archlinux.org/AVG-2188
archlinux High https://security.archlinux.org/AVG-2189
archlinux High https://security.archlinux.org/AVG-2190
cvssv3.1 7.5 https://security.gentoo.org/glsa/202209-05
ssvc Track https://security.gentoo.org/glsa/202209-05
cvssv3.1 7.5 https://security.netapp.com/advisory/ntap-20210723-0002/
ssvc Track https://security.netapp.com/advisory/ntap-20210723-0002/
cvssv3.1 7.5 https://www.debian.org/security/2021/dsa-4946
ssvc Track https://www.debian.org/security/2021/dsa-4946
cvssv3.1 7.5 https://www.oracle.com/security-alerts/cpujul2021.html
ssvc Track https://www.oracle.com/security-alerts/cpujul2021.html
cvssv3.1 7.5 https://www.oracle.com/security-alerts/cpuoct2021.html
ssvc Track https://www.oracle.com/security-alerts/cpuoct2021.html
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2388.json
https://api.first.org/data/v1/epss?cve=CVE-2021-2388
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2341
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2369
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2388
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
1983075 https://bugzilla.redhat.com/show_bug.cgi?id=1983075
ASA-202107-53 https://security.archlinux.org/ASA-202107-53
ASA-202107-54 https://security.archlinux.org/ASA-202107-54
ASA-202107-65 https://security.archlinux.org/ASA-202107-65
ASA-202107-66 https://security.archlinux.org/ASA-202107-66
AVG-2188 https://security.archlinux.org/AVG-2188
AVG-2189 https://security.archlinux.org/AVG-2189
AVG-2190 https://security.archlinux.org/AVG-2190
dsa-4946 https://www.debian.org/security/2021/dsa-4946
GLSA-202209-05 https://security.gentoo.org/glsa/202209-05
GLSA-202409-26 https://security.gentoo.org/glsa/202409-26
msg00011.html https://lists.debian.org/debian-lts-announce/2021/08/msg00011.html
ntap-20210723-0002 https://security.netapp.com/advisory/ntap-20210723-0002/
RHSA-2021:2774 https://access.redhat.com/errata/RHSA-2021:2774
RHSA-2021:2775 https://access.redhat.com/errata/RHSA-2021:2775
RHSA-2021:2776 https://access.redhat.com/errata/RHSA-2021:2776
RHSA-2021:2777 https://access.redhat.com/errata/RHSA-2021:2777
RHSA-2021:2778 https://access.redhat.com/errata/RHSA-2021:2778
RHSA-2021:2779 https://access.redhat.com/errata/RHSA-2021:2779
RHSA-2021:2780 https://access.redhat.com/errata/RHSA-2021:2780
RHSA-2021:2781 https://access.redhat.com/errata/RHSA-2021:2781
RHSA-2021:2782 https://access.redhat.com/errata/RHSA-2021:2782
RHSA-2021:2783 https://access.redhat.com/errata/RHSA-2021:2783
RHSA-2021:2784 https://access.redhat.com/errata/RHSA-2021:2784
RHSA-2021:2845 https://access.redhat.com/errata/RHSA-2021:2845
USN-5202-1 https://usn.ubuntu.com/5202-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2388.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.debian.org/debian-lts-announce/2021/08/msg00011.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T13:58:23Z/ Found at https://lists.debian.org/debian-lts-announce/2021/08/msg00011.html
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://security.gentoo.org/glsa/202209-05
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T13:58:23Z/ Found at https://security.gentoo.org/glsa/202209-05
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://security.netapp.com/advisory/ntap-20210723-0002/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T13:58:23Z/ Found at https://security.netapp.com/advisory/ntap-20210723-0002/
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.debian.org/security/2021/dsa-4946
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T13:58:23Z/ Found at https://www.debian.org/security/2021/dsa-4946
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.oracle.com/security-alerts/cpujul2021.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T13:58:23Z/ Found at https://www.oracle.com/security-alerts/cpujul2021.html
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.oracle.com/security-alerts/cpuoct2021.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T13:58:23Z/ Found at https://www.oracle.com/security-alerts/cpuoct2021.html
Exploit Prediction Scoring System (EPSS)
Percentile 0.74441
EPSS Score 0.00805
Published At May 30, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-05-30T19:35:44.940289+00:00 Arch Linux Importer Import https://security.archlinux.org/AVG-2190 38.6.0