CVE-2021-3654 — Vulnetix

CVE-2021-3654 PUBLISHED CVSS 8.699999809265137 HIGH

Red Hat OpenStack ist eine Sammlung von Diensten, um Cloud-Computing in Form von Infrastructure as a Service (IaaS) bereitstellen zu können.

EPSS 87.18% · 99.5th percentile

Risk Scores

CVSS 4.0

8.699999809265137

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

EPSS Score

87.18%

99.5th percentile

Affected Products

Vendor	Product	Versions
Red Hat	Red Hat Enterprise Linux
Red Hat	Red Hat OpenStack <16.2
Fedora	Fedora Linux
Ubuntu	Ubuntu Linux
Debian	Debian Linux
Amazon	Amazon Linux 2
SUSE	SUSE Linux

Exploit Intelligence

https://security.openstack.org/ossa/OSSA-2021-002.html (circl)
https://bugs.launchpad.net/nova/+bug/1927677 (circl)
https://www.openwall.com/lists/oss-security/2021/07/29/2 (circl)
https://bugs.python.org/issue32084 (circl)
https://opendev.org/openstack/nova/commit/04d48527b62a35d912f93bc75613a6cca606df66 (circl)
https://opendev.org/openstack/nova/commit/8906552cfc2525a44251d4cf313ece61e57251eb (circl)
https://bugzilla.redhat.com/show_bug.cgi?id=1961439 (circl)
GLSA-202305-02 (circl)
web_poc_map_v2.yaml (github-poc)
web_poc_map_v2.yaml (github-poc)

…and 14 more exploits

Timeline

Mar 2, 2022 CVE Published
Mar 3, 2022 EPSS Score
Mar 11, 2022 CVE Updated
Mar 7, 2023 EPSS Score
May 4, 2023 EPSS Score
Jun 7, 2023 EPSS Score
Sep 23, 2023 EPSS Score
Nov 15, 2024 EPSS Score
Mar 17, 2025 EPSS Score
Mar 23, 2025 EPSS Score
Mar 30, 2025 EPSS Score
May 1, 2025 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0250.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0250 advisory
https://access.redhat.com/errata/RHSA-2022:0992 advisory
https://access.redhat.com/errata/RHSA-2022:0993 advisory
https://access.redhat.com/errata/RHSA-2022:0995 advisory
https://access.redhat.com/errata/RHSA-2022:0996 advisory
https://access.redhat.com/errata/RHSA-2022:0999 advisory
https://access.redhat.com/errata/RHSA-2022:1000 advisory
https://access.redhat.com/errata/RHSA-2022:0982 advisory
https://access.redhat.com/errata/RHSA-2022:0983 advisory
https://access.redhat.com/errata/RHSA-2022:0990 advisory
https://access.redhat.com/errata/RHSA-2022:0987 advisory
https://ubuntu.com/security/notices/USN-5369-1 advisory
https://alas.aws.amazon.com/AL2022/ALAS-2022-046.html advisory
https://ubuntu.com/security/notices/USN-5354-2 advisory
https://alas.aws.amazon.com/ALAS-2022-1592.html advisory
https://lists.suse.com/pipermail/sle-security-updates/2022-June/011279.html advisory
https://lists.suse.com/pipermail/sle-security-updates/2022-July/011595.html advisory
https://lists.suse.com/pipermail/sle-security-updates/2022-September/012215.html advisory
https://lists.debian.org/debian-lts-announce/2022/09/msg00015.html advisory

…and 6 more

Open in Interactive Console →

$ Console Community · 100/wk Open console ›