Vulnerability CVE-2021-44717

Vulnerability Name:

CVE-2021-44717 (CCN-216563)

Assigned:

2021-11-04

Published:

2021-11-04

Updated:

2023-04-20

Summary:

CVSS v3 Severity:

4.8 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)
4.2 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): None

4.8 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)
4.2 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): None

4.8 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)
4.2 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

5.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

Vulnerability Consequences:

Bypass Security

References:

Vulnerable Configuration:

Configuration RedHat 1:

cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

Configuration CCN 1:

cpe:/a:golang:go:1.16.0:-:*:*:*:*:*:*

OR cpe:/a:golang:go:1.17.0:*:*:*:*:*:*:*

AND

cpe:/a:ibm:cloud_private:3.2.1:cd:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_protect_server:8.1.0.000:*:*:*:*:*:*:*

OR cpe:/a:ibm:event_streams:10.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_private:3.2.2:cd:*:*:*:*:*:*

OR cpe:/a:ibm:event_streams:10.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:datapower_gateway:10.0.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:event_streams:10.2.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:datapower_gateway:10.0.2.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:event_streams:10.3.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:event_streams:10.3.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_copy_data_management:2.2.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_protect_plus:10.1.9.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:datapower_gateway:10.0.4.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_copy_data_management:2.2.15.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:3387	P	u-boot-rpi3-2019.01-3.7 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:95017	P	go1.17-1.17.9-150000.1.31.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94939	P	libexif-devel-0.6.22-150000.5.9.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94940	P	libexiv2-26-0.26-6.8.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:4599	P	Security update for the Linux Kernel (Live Patch 18 for SLE 12 SP5) (Important)	2022-05-10
oval:org.opensuse.security:def:4600	P	Security update for the Linux Kernel (Live Patch 21 for SLE 12 SP5) (Important)	2022-05-10
oval:org.opensuse.security:def:101652	P	Security update for libeconf, shadow and util-linux (Moderate)	2022-03-04
oval:org.opensuse.security:def:101653	P	Security update for zsh (Important)	2022-03-04
oval:org.opensuse.security:def:112336	P	go1.16-1.16.12-1.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:112342	P	go1.17-1.17.5-1.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:111185	P	Security update for go1.16 (Moderate)	2021-12-26
oval:org.opensuse.security:def:4531	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:96207	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:109581	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:70573	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:103023	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:108319	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:65620	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:102897	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:10433	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:96254	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:119534	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:9126	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:96226	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:118665	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:109681	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:96196	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:1148	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:109563	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:70024	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:102916	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:74756	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:102886	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:9884	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:96238	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:119162	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:96216	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:117832	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:109582	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:70574	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:103025	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:109552	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:65688	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:102906	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:10434	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:96255	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:119535	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:9135	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:96231	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:118854	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:109682	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:96197	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:1149	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:109572	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:70032	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:102921	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:74757	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:102887	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:9892	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:96244	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:119349	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:96217	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:117833	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:109587	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:101826	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:109553	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:65689	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:102907	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:111848	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:74687	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:9136	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:96232	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:118855	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:4530	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:96206	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:109573	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:70033	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:102922	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:108318	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:65619	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:102896	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:9893	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:96245	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:119350	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:9125	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:96225	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:118664	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:109588	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:101827	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:109562	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:70023	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:102915	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:111851	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:74688	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:9883	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:96237	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:119161	P	Security update for go1.16 (Moderate)	2021-12-23
oval:com.redhat.rhsa:def:20215160	P	RHSA-2021:5160: go-toolset:rhel8 security and bug fix update (Important)	2021-12-15

BACK