VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-q6vs-dmwa-9fhh

Essentials
Severities (89)
References (50)
Severity details (80)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-q6vs-dmwa-9fhh
Aliases	CVE-2021-23841 GHSA-84rm-qf37-fgc2
Summary	Multiple vulnerabilities have been found in OpenSSL, the worst of which could allow remote attackers to cause a Denial of Service condition.
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

Weaknesses (4)

CWE-190	Integer Overflow or Wraparound
CWE-476	NULL Pointer Dereference
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
cvssv3	5.9	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23841.json
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
epss	0.00665	https://api.first.org/data/v1/epss?cve=CVE-2021-23841
cvssv3.1	5.9	https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf
generic_textual	MODERATE	https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf
ssvc	Track	https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf
cvssv3.1	5.9	http://seclists.org/fulldisclosure/2021/May/67
generic_textual	MODERATE	http://seclists.org/fulldisclosure/2021/May/67
ssvc	Track	http://seclists.org/fulldisclosure/2021/May/67
cvssv3.1	5.9	http://seclists.org/fulldisclosure/2021/May/68
generic_textual	MODERATE	http://seclists.org/fulldisclosure/2021/May/68
ssvc	Track	http://seclists.org/fulldisclosure/2021/May/68
cvssv3.1	5.9	http://seclists.org/fulldisclosure/2021/May/70
generic_textual	MODERATE	http://seclists.org/fulldisclosure/2021/May/70
ssvc	Track	http://seclists.org/fulldisclosure/2021/May/70
cvssv3.1	5.9	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-84rm-qf37-fgc2
cvssv3.1	5.9	https://github.com/alexcrichton/openssl-src-rs
generic_textual	MODERATE	https://github.com/alexcrichton/openssl-src-rs
ssvc	Track	https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=122a19ab48091c657f7cb1fb3af9fc07bd557bbf
ssvc	Track	https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807
cvssv3.1	5.9	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf
generic_textual	MODERATE	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf
cvssv3.1	5.9	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1
generic_textual	MODERATE	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1
cvssv3.1	5.9	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807
generic_textual	MODERATE	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807
cvssv3.1	5.9	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2
generic_textual	MODERATE	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2
cvssv3.1	5.9	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846
generic_textual	MODERATE	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846
ssvc	Track	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846
cvssv3.1	5.9	https://nvd.nist.gov/vuln/detail/CVE-2021-23841
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2021-23841
cvssv3.1	5.9	https://rustsec.org/advisories/RUSTSEC-2021-0058
generic_textual	MODERATE	https://rustsec.org/advisories/RUSTSEC-2021-0058
cvssv3.1	5.9	https://rustsec.org/advisories/RUSTSEC-2021-0058.html
generic_textual	MODERATE	https://rustsec.org/advisories/RUSTSEC-2021-0058.html
archlinux	Medium	https://security.archlinux.org/AVG-1581
cvssv3.1	5.9	https://security.gentoo.org/glsa/202103-03
generic_textual	MODERATE	https://security.gentoo.org/glsa/202103-03
ssvc	Track	https://security.gentoo.org/glsa/202103-03
cvssv3.1	5.9	https://security.netapp.com/advisory/ntap-20210219-0009
generic_textual	MODERATE	https://security.netapp.com/advisory/ntap-20210219-0009
ssvc	Track	https://security.netapp.com/advisory/ntap-20210219-0009/
cvssv3.1	5.9	https://security.netapp.com/advisory/ntap-20210513-0002
generic_textual	MODERATE	https://security.netapp.com/advisory/ntap-20210513-0002
ssvc	Track	https://security.netapp.com/advisory/ntap-20210513-0002/
ssvc	Track	https://security.netapp.com/advisory/ntap-20240621-0006/
cvssv3.1	5.9	https://support.apple.com/kb/HT212528
generic_textual	MODERATE	https://support.apple.com/kb/HT212528
ssvc	Track	https://support.apple.com/kb/HT212528
cvssv3.1	5.9	https://support.apple.com/kb/HT212529
generic_textual	MODERATE	https://support.apple.com/kb/HT212529
ssvc	Track	https://support.apple.com/kb/HT212529
cvssv3.1	5.9	https://support.apple.com/kb/HT212534
generic_textual	MODERATE	https://support.apple.com/kb/HT212534
ssvc	Track	https://support.apple.com/kb/HT212534
cvssv3.1	5.9	https://www.debian.org/security/2021/dsa-4855
generic_textual	MODERATE	https://www.debian.org/security/2021/dsa-4855
ssvc	Track	https://www.debian.org/security/2021/dsa-4855
cvssv3.1	5.9	https://www.openssl.org/news/secadv/20210216.txt
generic_textual	MODERATE	https://www.openssl.org/news/secadv/20210216.txt
ssvc	Track	https://www.openssl.org/news/secadv/20210216.txt
cvssv3.1	5.9	https://www.oracle.com/security-alerts/cpuApr2021.html
generic_textual	MODERATE	https://www.oracle.com/security-alerts/cpuApr2021.html
ssvc	Track	https://www.oracle.com/security-alerts/cpuApr2021.html
cvssv3.1	5.9	https://www.oracle.com/security-alerts/cpuapr2022.html
generic_textual	MODERATE	https://www.oracle.com/security-alerts/cpuapr2022.html
ssvc	Track	https://www.oracle.com/security-alerts/cpuapr2022.html
cvssv3.1	5.9	https://www.oracle.com//security-alerts/cpujul2021.html
generic_textual	MODERATE	https://www.oracle.com//security-alerts/cpujul2021.html
ssvc	Track	https://www.oracle.com//security-alerts/cpujul2021.html
cvssv3.1	5.9	https://www.oracle.com/security-alerts/cpuoct2021.html
generic_textual	MODERATE	https://www.oracle.com/security-alerts/cpuoct2021.html
ssvc	Track	https://www.oracle.com/security-alerts/cpuoct2021.html
cvssv3.1	5.9	https://www.tenable.com/security/tns-2021-03
generic_textual	MODERATE	https://www.tenable.com/security/tns-2021-03
ssvc	Track	https://www.tenable.com/security/tns-2021-03
cvssv3.1	5.9	https://www.tenable.com/security/tns-2021-09
generic_textual	MODERATE	https://www.tenable.com/security/tns-2021-09
ssvc	Track	https://www.tenable.com/security/tns-2021-09

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23841.json
		https://api.first.org/data/v1/epss?cve=CVE-2021-23841
		https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841
		http://seclists.org/fulldisclosure/2021/May/67
		http://seclists.org/fulldisclosure/2021/May/68
		http://seclists.org/fulldisclosure/2021/May/70
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://github.com/alexcrichton/openssl-src-rs
		https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf
		https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1
		https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807
		https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2
		https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846
		https://nvd.nist.gov/vuln/detail/CVE-2021-23841
		https://rustsec.org/advisories/RUSTSEC-2021-0058
		https://rustsec.org/advisories/RUSTSEC-2021-0058.html
		https://security.netapp.com/advisory/ntap-20210219-0009
		https://security.netapp.com/advisory/ntap-20210219-0009/
		https://security.netapp.com/advisory/ntap-20210513-0002
		https://security.netapp.com/advisory/ntap-20210513-0002/
		https://support.apple.com/kb/HT212528
		https://support.apple.com/kb/HT212529
		https://support.apple.com/kb/HT212534
		https://www.debian.org/security/2021/dsa-4855
		https://www.openssl.org/news/secadv/20210216.txt
		https://www.oracle.com/security-alerts/cpuApr2021.html
		https://www.oracle.com/security-alerts/cpuapr2022.html
		https://www.oracle.com//security-alerts/cpujul2021.html
		https://www.oracle.com/security-alerts/cpuoct2021.html
		https://www.tenable.com/security/tns-2021-03
		https://www.tenable.com/security/tns-2021-09
1930310		https://bugzilla.redhat.com/show_bug.cgi?id=1930310
ASA-202102-42		https://security.archlinux.org/ASA-202102-42
AVG-1581		https://security.archlinux.org/AVG-1581
GHSA-84rm-qf37-fgc2		https://github.com/advisories/GHSA-84rm-qf37-fgc2
GLSA-202103-03		https://security.gentoo.org/glsa/202103-03
?p=openssl.git%3Ba=commitdiff%3Bh=122a19ab48091c657f7cb1fb3af9fc07bd557bbf		https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=122a19ab48091c657f7cb1fb3af9fc07bd557bbf
?p=openssl.git%3Ba=commitdiff%3Bh=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807		https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807
RHSA-2021:3798		https://access.redhat.com/errata/RHSA-2021:3798
RHSA-2021:4198		https://access.redhat.com/errata/RHSA-2021:4198
RHSA-2021:4424		https://access.redhat.com/errata/RHSA-2021:4424
RHSA-2021:4613		https://access.redhat.com/errata/RHSA-2021:4613
RHSA-2021:4614		https://access.redhat.com/errata/RHSA-2021:4614
RHSA-2021:4861		https://access.redhat.com/errata/RHSA-2021:4861
RHSA-2021:4863		https://access.redhat.com/errata/RHSA-2021:4863
USN-4738-1		https://usn.ubuntu.com/4738-1/
USN-4745-1		https://usn.ubuntu.com/4745-1/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23841.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/ Found at https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://seclists.org/fulldisclosure/2021/May/67

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/ Found at http://seclists.org/fulldisclosure/2021/May/67

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://seclists.org/fulldisclosure/2021/May/68

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/ Found at http://seclists.org/fulldisclosure/2021/May/68

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://seclists.org/fulldisclosure/2021/May/70

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/ Found at http://seclists.org/fulldisclosure/2021/May/70

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/alexcrichton/openssl-src-rs

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/ Found at https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=122a19ab48091c657f7cb1fb3af9fc07bd557bbf

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/ Found at https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/ Found at https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2021-23841

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://rustsec.org/advisories/RUSTSEC-2021-0058

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://rustsec.org/advisories/RUSTSEC-2021-0058.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://security.gentoo.org/glsa/202103-03

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/ Found at https://security.gentoo.org/glsa/202103-03

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://security.netapp.com/advisory/ntap-20210219-0009

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/ Found at https://security.netapp.com/advisory/ntap-20210219-0009/

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://security.netapp.com/advisory/ntap-20210513-0002

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/ Found at https://security.netapp.com/advisory/ntap-20210513-0002/

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/ Found at https://security.netapp.com/advisory/ntap-20240621-0006/

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://support.apple.com/kb/HT212528

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/ Found at https://support.apple.com/kb/HT212528

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://support.apple.com/kb/HT212529

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/ Found at https://support.apple.com/kb/HT212529

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://support.apple.com/kb/HT212534

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/ Found at https://support.apple.com/kb/HT212534

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://www.debian.org/security/2021/dsa-4855

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/ Found at https://www.debian.org/security/2021/dsa-4855

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://www.openssl.org/news/secadv/20210216.txt

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/ Found at https://www.openssl.org/news/secadv/20210216.txt

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://www.oracle.com/security-alerts/cpuApr2021.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/ Found at https://www.oracle.com/security-alerts/cpuApr2021.html

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://www.oracle.com/security-alerts/cpuapr2022.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/ Found at https://www.oracle.com/security-alerts/cpuapr2022.html

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://www.oracle.com//security-alerts/cpujul2021.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/ Found at https://www.oracle.com//security-alerts/cpujul2021.html

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://www.oracle.com/security-alerts/cpuoct2021.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/ Found at https://www.oracle.com/security-alerts/cpuoct2021.html

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://www.tenable.com/security/tns-2021-03

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/ Found at https://www.tenable.com/security/tns-2021-03

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://www.tenable.com/security/tns-2021-09

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/ Found at https://www.tenable.com/security/tns-2021-09

Exploit Prediction Scoring System (EPSS)

Percentile	0.71172
EPSS Score	0.00665
Published At	April 1, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T13:01:27.565649+00:00	Gentoo Importer	Import	https://security.gentoo.org/glsa/202103-03	38.0.0