{ "id": "CVE-2021-3146", "sourceIdentifier": "cve@mitre.org", "published": "2021-04-08T20:15:13.897", "lastModified": "2021-04-14T21:04:17.600", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The Dolby Audio X2 (DAX2) API service before 0.8.8.90 on Windows allows local users to gain privileges." }, { "lang": "es", "value": "El servicio de API Dolby Audio X2 (DAX2) versiones anteriores a 0.8.8.90 en Windows permite a los usuarios locales obtener privilegios" } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" }, "exploitabilityScore": 1.8, "impactScore": 5.9 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 4.6 }, "baseSeverity": "MEDIUM", "exploitabilityScore": 3.9, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-426" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:dolby:audio_x2:*:*:*:*:*:*:*:*", "versionEndExcluding": "0.8.8.90", "matchCriteriaId": "3EC4CE97-1834-4AAD-B6CE-C6833060ADB8" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:a:microsoft:exchange_server:2010:sp3:*:*:*:*:*:*", "matchCriteriaId": "3E5EA9AD-1E84-4AB5-A1EF-3B9F2AC84755" }, { "vulnerable": false, "criteria": "cpe:2.3:a:microsoft:exchange_server:2013:-:*:*:*:*:*:*", "matchCriteriaId": "27EF8DB7-D5A0-47A8-9F69-7D0259490D69" }, { "vulnerable": false, "criteria": "cpe:2.3:a:microsoft:visual_c\\+\\+:2005:sp1:*:*:*:*:*:*", "matchCriteriaId": "882CDAE9-EC03-48E6-814C-50236B8F0B93" }, { "vulnerable": false, "criteria": "cpe:2.3:a:microsoft:visual_c\\+\\+:2008:sp1:*:*:*:*:*:*", "matchCriteriaId": "A4E0021F-ABB9-4FB4-BC1C-5098F2E66371" }, { "vulnerable": false, "criteria": "cpe:2.3:a:microsoft:visual_c\\+\\+:2010:-:*:*:*:*:*:*", "matchCriteriaId": "8510550C-3A26-4BB3-A5F3-11D591DD0CE6" }, { "vulnerable": false, "criteria": "cpe:2.3:a:microsoft:visual_studio:2005:sp1:*:*:*:*:*:*", "matchCriteriaId": "9271AF1C-9B1C-4ADB-9F54-E63EBA2910F9" }, { "vulnerable": false, "criteria": "cpe:2.3:a:microsoft:visual_studio:2008:sp1:*:*:*:*:*:*", "matchCriteriaId": "9AB2C8C4-7E86-4736-9CE4-2E65E4EDBF02" }, { "vulnerable": false, "criteria": "cpe:2.3:a:microsoft:visual_studio:2010:-:*:*:*:*:*:*", "matchCriteriaId": "4F4DFC93-9533-4893-B634-0551CDE7D252" }, { "vulnerable": false, "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2003:sp1:*:*:*:*:*:*", "matchCriteriaId": "85959AEB-2FE5-4A25-B298-F8223CE260D6" } ] } ] } ], "references": [ { "url": "https://professional.dolby.com/siteassets/pdfs/dolby-dax2-security-advisory-2021-04-07.pdf", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] } ] }