Vulnerability Name: | CVE-2021-26325 (CCN-213711) |
Assigned: | 2021-11-01 |
Published: | 2021-11-01 |
Updated: | 2021-11-19 |
Summary: | Insufficient input validation in the SNP_GUEST_REQUEST command may lead to a potential data abort error and a denial of service.
|
CVSS v3 Severity: | 5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) 4.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)Exploitability Metrics: | Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None | Scope: | Scope (S): Unchanged
| Impact Metrics: | Confidentiality (C): None Integrity (I): None Availibility (A): High | 3.3 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L) 2.9 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)Exploitability Metrics: | Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None | Scope: | Scope (S): Unchanged
| Impact Metrics: | Confidentiality (C): None Integrity (I): None Availibility (A): Low |
|
CVSS v2 Severity: | 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P)Exploitability Metrics: | Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None | Impact Metrics: | Confidentiality (C): None Integrity (I): None Availibility (A): Partial | 1.7 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:N/A:P)Exploitability Metrics: | Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): Single_Instance
| Impact Metrics: | Confidentiality (C): None Integrity (I): None Availibility (A): Partial |
|
Vulnerability Type: | CWE-20
|
Vulnerability Consequences: | Denial of Service |
References: | Source: MITRE Type: CNA CVE-2021-26325
Source: XF Type: UNKNOWN amd-cve202126325-dos(213711)
Source: CCN Type: AMD-SB-1021 AMD Server Vulnerabilities
Source: MISC Type: Vendor Advisory https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021
|
Vulnerable Configuration: | Configuration 1: cpe:/o:amd:epyc_7232p_firmware:*:*:*:*:*:*:*:* (Version < romepi-sp3_1.0.0.c)AND cpe:/h:amd:epyc_7232p:-:*:*:*:*:*:*:* Configuration 2: cpe:/o:amd:epyc_7763_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)AND cpe:/h:amd:epyc_7763:-:*:*:*:*:*:*:* Configuration 3: cpe:/o:amd:epyc_7713p_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)AND cpe:/h:amd:epyc_7713p:-:*:*:*:*:*:*:* Configuration 4: cpe:/o:amd:epyc_7713_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)AND cpe:/h:amd:epyc_7713:-:*:*:*:*:*:*:* Configuration 5: cpe:/o:amd:epyc_7663_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)AND cpe:/h:amd:epyc_7663:-:*:*:*:*:*:*:* Configuration 6: cpe:/o:amd:epyc_7643_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)AND cpe:/h:amd:epyc_7643:-:*:*:*:*:*:*:* Configuration 7: cpe:/o:amd:epyc_75f3_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)AND cpe:/h:amd:epyc_75f3:-:*:*:*:*:*:*:* Configuration 8: cpe:/o:amd:epyc_7543p_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)AND cpe:/h:amd:epyc_7543p:-:*:*:*:*:*:*:* Configuration 9: cpe:/o:amd:epyc_7543_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)AND cpe:/h:amd:epyc_7543:-:*:*:*:*:*:*:* Configuration 10: cpe:/o:amd:epyc_7513_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)AND cpe:/h:amd:epyc_7513:-:*:*:*:*:*:*:* Configuration 11: cpe:/o:amd:epyc_7453_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)AND cpe:/h:amd:epyc_7453:-:*:*:*:*:*:*:* Configuration 12: cpe:/o:amd:epyc_74f3_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)AND cpe:/h:amd:epyc_74f3:-:*:*:*:*:*:*:* Configuration 13: cpe:/o:amd:epyc_7443p_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)AND cpe:/h:amd:epyc_7443p:-:*:*:*:*:*:*:* Configuration 14: cpe:/o:amd:epyc_7443_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)AND cpe:/h:amd:epyc_7443:-:*:*:*:*:*:*:* Configuration 15: cpe:/o:amd:epyc_7413_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)AND cpe:/h:amd:epyc_7413:-:*:*:*:*:*:*:* Configuration 16: cpe:/o:amd:epyc_73f3_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)AND cpe:/h:amd:epyc_73f3:-:*:*:*:*:*:*:* Configuration 17: cpe:/o:amd:epyc_7343_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)AND cpe:/h:amd:epyc_7343:-:*:*:*:*:*:*:* Configuration 18: cpe:/o:amd:epyc_7313p_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)AND cpe:/h:amd:epyc_7313p:-:*:*:*:*:*:*:* Configuration 19: cpe:/o:amd:epyc_7313_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)AND cpe:/h:amd:epyc_7313:-:*:*:*:*:*:*:* Configuration 20: cpe:/o:amd:epyc_72f3_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)AND cpe:/h:amd:epyc_72f3:-:*:*:*:*:*:*:*
Denotes that component is vulnerable |
BACK |