VDB
CVE-2021-42072
CVE-2021-42072
PUBLISHED
CVSS 8.800000190734863 HIGH
An issue was discovered in Barrier before 2.4.0. The barriers component (aka the server-side implementation of Barrier) does not sufficiently verify the identify of connecting clients. Clients can thus exploit weaknesses in the provided protocol to cause denial-of-service or stage further attacks that could lead to information leaks or integrity corruption.
EPSS 0.54% · 67.9th percentile
Risk Scores
CVSS 3.1
8.800000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.54%
67.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| fedoraproject | fedora | 35, 34 |
| barrier_project | barrier | 0 |
| n/a | n/a | n/a |
Exploit Intelligence
Timeline
- Nov 8, 2021 EPSS Score
- Nov 8, 2021 CVE Published
- Jan 3, 2022 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 27, 2022 EPSS Score
- Mar 4, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Apr 24, 2022 EPSS Score
- Aug 14, 2022 EPSS Score
- Oct 9, 2022 EPSS Score
- Dec 3, 2022 EPSS Score
- Jan 28, 2023 EPSS Score
References
- [oss-security] 20211102 Barrier "software KVM switch" multiple remote security issues mailing-list
- https://github.com/debauchee/barrier/releases/tag/v2.4.0 url
- FEDORA-2022-3dc519f073 vendor-advisory
- FEDORA-2022-09c1a5bab8 vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2021-42072 advisory
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIEVNCFEFO7L3NTM4VUZB3WKYYCBTFCI url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XMU3STOKHPEZSC54MZ42YBFFC2R3BU2Q url