CVE-2021-3602
In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Die Fehler existieren in den Komponenten python-lxml, qt5, python-babel, container-tools:2.0, container-tools:3.0, tcpdump, rust-toolset, libjpeg-turbo, zziplib, linuxptp, file, json-c, libsolv, tpm2-tools, ncurses, python-pip, dnf, dnf-plugins-core, libdnf, lua, libsepol und autotrace. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Cross-Site-Scripting-Angriff durchzuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, beliebigen Code auszuführen, Dateien zu manipulieren und einen nicht spezifizierten Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erhöhte Rechte.
EPSS 0.16% · 37.4th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SUSE | SUSE openSUSE | |
| Oracle | Oracle Linux | |
| Avaya | Avaya Aura Experience Portal | |
| Red Hat | Red Hat Enterprise Linux | |
| Amazon | Amazon Linux 2 | |
| Red Hat | Red Hat Enterprise Linux 8 | |
| Ubuntu | Ubuntu Linux | |
| Debian | Debian Linux | |
| SUSE | SUSE Linux | |
| Gentoo | Gentoo Linux | |
| Red Hat | Red Hat OpenShift Data Foundation <4.12.10 | |
| IBM | IBM Security Verify Access 10.0.0-10.0.7.1 |
Timeline
- Jul 19, 2021 CVE Published
- Mar 4, 2022 EPSS Score
- Apr 25, 2022 EPSS Score
- Jun 15, 2022 EPSS Score
- Aug 7, 2022 EPSS Score
- Sep 27, 2022 EPSS Score
- Nov 18, 2022 EPSS Score
- Jan 9, 2023 EPSS Score
- Feb 7, 2023 CVE Updated
- Mar 1, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 22, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2022-0571.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0571 advisory
- https://access.redhat.com/errata/RHSA-2021:4158 advisory
- https://access.redhat.com/errata/RHSA-2021:4172 advisory
- https://access.redhat.com/errata/RHSA-2021:4201 advisory
- https://access.redhat.com/errata/RHSA-2021:4221 advisory
- https://access.redhat.com/errata/RHSA-2021:4222 advisory
- https://access.redhat.com/errata/RHSA-2021:4236 advisory
- https://access.redhat.com/errata/RHSA-2021:4270 advisory
- https://access.redhat.com/errata/RHSA-2021:4288 advisory
- https://access.redhat.com/errata/RHSA-2021:4316 advisory
- https://access.redhat.com/errata/RHSA-2021:4321 advisory
- https://access.redhat.com/errata/RHSA-2021:4374 advisory
- https://access.redhat.com/errata/RHSA-2021:4382 advisory
- https://access.redhat.com/errata/RHSA-2021:4408 advisory
- https://access.redhat.com/errata/RHSA-2021:4413 advisory
- https://access.redhat.com/errata/RHSA-2021:4426 advisory
- https://access.redhat.com/errata/RHSA-2021:4455 advisory
- https://access.redhat.com/errata/RHSA-2021:4464 advisory
- https://access.redhat.com/errata/RHSA-2021:4510 advisory
…and 59 more