admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-29 05:56:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2021/CVE-2021-429xx/CVE-2021-42988.json
cad-safe-bot 9520a58032 Auto-Update: 2024-11-23T15:09:04.070866+00:00
2024-11-23 15:12:23 +00:00

117 lines
3.8 KiB
JSON
Raw Blame History

{
"id": "CVE-2021-42988",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-12-07T20:15:07.723",
"lastModified": "2024-11-21T06:28:22.070",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Eltima USB Network Gate is affected by Buffer Overflow. IOCTL Handler 0x22001B in the USB Network Gate above 7.0.1370 below 9.2.2420 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet."
},
{
"lang": "es",
"value": "Eltima USB Network Gate est\u00e1 afectado por el Desbordamiento del B\u00fafer. IOCTL Handler 0x22001B de la puerta de red USB versiones posteriores de 7.0.1370 y anteriores a 9.2.2420, permite a atacantes locales ejecutar c\u00f3digo arbitrario en modo kernel o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y bloqueo del Sistema Operativo) por medio de un paquete de petici\u00f3n de E/S especialmente dise\u00f1ado"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"baseScore": 7.2,
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:eltima:usb_network_gate:*:*:*:*:*:*:*:*",
"versionStartExcluding": "7.0.1370",
"versionEndExcluding": "9.2.2420",
"matchCriteriaId": "784A3A3A-39FC-447D-890B-F0374E56827F"
}
]
}
]
}
],
"references": [
{
"url": "https://www.sentinelone.com/labs/usb-over-ethernet-multiple-privilege-escalation-vulnerabilities-in-aws-and-other-major-cloud-services/",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
},
{
"url": "https://www.sentinelone.com/labs/usb-over-ethernet-multiple-privilege-escalation-vulnerabilities-in-aws-and-other-major-cloud-services/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink