Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveCanonicalCVE-2021-3710
HistoryOct 01, 2021 - 3:15 a.m.

CVE-2021-3710

2021-10-0103:15:07
CWE-22
CWE-24
canonical
web.nvd.nist.gov
43
cve-2021-3710
information disclosure
path traversal
apport
security issue
nvd

CVSS2

4.7

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:C/I:N/A:N

CVSS3

6.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

AI Score

5

Confidence

High

EPSS

0.001

Percentile

27.8%

JSON

An information disclosure via path traversal was discovered in apport/hookutils.py function read_file(). This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26; 2.20.11 versions prior to 2.20.11-0ubuntu27.20; 2.20.11 versions prior to 2.20.11-0ubuntu65.3;

Affected configurations

Nvd
Node
canonicalubuntu_linuxMatch14.04
AND
canonicalapportMatch2.14.1-0ubuntu1
OR
canonicalapportMatch2.14.1-0ubuntu2
OR
canonicalapportMatch2.14.1-0ubuntu3
OR
canonicalapportMatch2.14.1-0ubuntu3.1
OR
canonicalapportMatch2.14.1-0ubuntu3.2
OR
canonicalapportMatch2.14.1-0ubuntu3.3
OR
canonicalapportMatch2.14.1-0ubuntu3.4
OR
canonicalapportMatch2.14.1-0ubuntu3.5
OR
canonicalapportMatch2.14.1-0ubuntu3.6
OR
canonicalapportMatch2.14.1-0ubuntu3.7
OR
canonicalapportMatch2.14.1-0ubuntu3.8
OR
canonicalapportMatch2.14.1-0ubuntu3.9
OR
canonicalapportMatch2.14.1-0ubuntu3.10
OR
canonicalapportMatch2.14.1-0ubuntu3.11
OR
canonicalapportMatch2.14.1-0ubuntu3.12
OR
canonicalapportMatch2.14.1-0ubuntu3.13
OR
canonicalapportMatch2.14.1-0ubuntu3.14
OR
canonicalapportMatch2.14.1-0ubuntu3.15
OR
canonicalapportMatch2.14.1-0ubuntu3.16
OR
canonicalapportMatch2.14.1-0ubuntu3.17
OR
canonicalapportMatch2.14.1-0ubuntu3.18
OR
canonicalapportMatch2.14.1-0ubuntu3.19
OR
canonicalapportMatch2.14.1-0ubuntu3.20
OR
canonicalapportMatch2.14.1-0ubuntu3.21
OR
canonicalapportMatch2.14.1-0ubuntu3.23
OR
canonicalapportMatch2.14.1-0ubuntu3.24
OR
canonicalapportMatch2.14.1-0ubuntu3.25
OR
canonicalapportMatch2.14.1-0ubuntu3.27
OR
canonicalapportMatch2.14.1-0ubuntu3.28
OR
canonicalapportMatch2.14.1-0ubuntu3.29
OR
canonicalapportMatch2.14.1-0ubuntu3.29\+esm7
Node
canonicalubuntu_linuxMatch16.04
AND
canonicalapportMatch2.20.1-0ubuntu1
OR
canonicalapportMatch2.20.1-0ubuntu2
OR
canonicalapportMatch2.20.1-0ubuntu2.1
OR
canonicalapportMatch2.20.1-0ubuntu2.2
OR
canonicalapportMatch2.20.1-0ubuntu2.4
OR
canonicalapportMatch2.20.1-0ubuntu2.5
OR
canonicalapportMatch2.20.1-0ubuntu2.6
OR
canonicalapportMatch2.20.1-0ubuntu2.7
OR
canonicalapportMatch2.20.1-0ubuntu2.8
OR
canonicalapportMatch2.20.1-0ubuntu2.9
OR
canonicalapportMatch2.20.1-0ubuntu2.10
OR
canonicalapportMatch2.20.1-0ubuntu2.12
OR
canonicalapportMatch2.20.1-0ubuntu2.13
OR
canonicalapportMatch2.20.1-0ubuntu2.14
OR
canonicalapportMatch2.20.1-0ubuntu2.15
OR
canonicalapportMatch2.20.1-0ubuntu2.16
OR
canonicalapportMatch2.20.1-0ubuntu2.17
OR
canonicalapportMatch2.20.1-0ubuntu2.18
OR
canonicalapportMatch2.20.1-0ubuntu2.19
OR
canonicalapportMatch2.20.1-0ubuntu2.20
OR
canonicalapportMatch2.20.1-0ubuntu2.21
OR
canonicalapportMatch2.20.1-0ubuntu2.22
OR
canonicalapportMatch2.20.1-0ubuntu2.23
OR
canonicalapportMatch2.20.1-0ubuntu2.25
OR
canonicalapportMatch2.20.1-0ubuntu2.26
OR
canonicalapportMatch2.20.1-0ubuntu2.27
OR
canonicalapportMatch2.20.1-0ubuntu2.28
OR
canonicalapportMatch2.20.1-0ubuntu2.30
OR
canonicalapportMatch2.20.1-0ubuntu2.30\+esm1
Node
canonicalubuntu_linuxMatch18.04
AND
canonicalapportMatch2.20.9-0ubuntu1
OR
canonicalapportMatch2.20.9-0ubuntu2
OR
canonicalapportMatch2.20.9-0ubuntu3
OR
canonicalapportMatch2.20.9-0ubuntu4
OR
canonicalapportMatch2.20.9-0ubuntu5
OR
canonicalapportMatch2.20.9-0ubuntu6
OR
canonicalapportMatch2.20.9-0ubuntu7
OR
canonicalapportMatch2.20.9-0ubuntu7.1
OR
canonicalapportMatch2.20.9-0ubuntu7.2
OR
canonicalapportMatch2.20.9-0ubuntu7.3
OR
canonicalapportMatch2.20.9-0ubuntu7.4
OR
canonicalapportMatch2.20.9-0ubuntu7.5
OR
canonicalapportMatch2.20.9-0ubuntu7.6
OR
canonicalapportMatch2.20.9-0ubuntu7.7
OR
canonicalapportMatch2.20.9-0ubuntu7.8
OR
canonicalapportMatch2.20.9-0ubuntu7.9
OR
canonicalapportMatch2.20.9-0ubuntu7.10
OR
canonicalapportMatch2.20.9-0ubuntu7.11
OR
canonicalapportMatch2.20.9-0ubuntu7.12
OR
canonicalapportMatch2.20.9-0ubuntu7.13
OR
canonicalapportMatch2.20.9-0ubuntu7.14
OR
canonicalapportMatch2.20.9-0ubuntu7.15
OR
canonicalapportMatch2.20.9-0ubuntu7.16
OR
canonicalapportMatch2.20.9-0ubuntu7.17
OR
canonicalapportMatch2.20.9-0ubuntu7.18
OR
canonicalapportMatch2.20.9-0ubuntu7.19
OR
canonicalapportMatch2.20.9-0ubuntu7.20
OR
canonicalapportMatch2.20.9-0ubuntu7.21
OR
canonicalapportMatch2.20.9-0ubuntu7.23
OR
canonicalapportMatch2.20.9-0ubuntu7.24
Node
canonicalubuntu_linuxMatch20.04
AND
canonicalapportMatch2.20.11-0ubuntu8
OR
canonicalapportMatch2.20.11-0ubuntu9
OR
canonicalapportMatch2.20.11-0ubuntu10
OR
canonicalapportMatch2.20.11-0ubuntu11
OR
canonicalapportMatch2.20.11-0ubuntu12
OR
canonicalapportMatch2.20.11-0ubuntu13
OR
canonicalapportMatch2.20.11-0ubuntu14
OR
canonicalapportMatch2.20.11-0ubuntu15
OR
canonicalapportMatch2.20.11-0ubuntu16
OR
canonicalapportMatch2.20.11-0ubuntu17
OR
canonicalapportMatch2.20.11-0ubuntu18
OR
canonicalapportMatch2.20.11-0ubuntu19
OR
canonicalapportMatch2.20.11-0ubuntu20
OR
canonicalapportMatch2.20.11-0ubuntu21
OR
canonicalapportMatch2.20.11-0ubuntu22
OR
canonicalapportMatch2.20.11-0ubuntu23
OR
canonicalapportMatch2.20.11-0ubuntu24
OR
canonicalapportMatch2.20.11-0ubuntu25
OR
canonicalapportMatch2.20.11-0ubuntu26
OR
canonicalapportMatch2.20.11-0ubuntu27
OR
canonicalapportMatch2.20.11-0ubuntu27.2
OR
canonicalapportMatch2.20.11-0ubuntu27.3
OR
canonicalapportMatch2.20.11-0ubuntu27.4
OR
canonicalapportMatch2.20.11-0ubuntu27.5
OR
canonicalapportMatch2.20.11-0ubuntu27.6
OR
canonicalapportMatch2.20.11-0ubuntu27.7
OR
canonicalapportMatch2.20.11-0ubuntu27.8
OR
canonicalapportMatch2.20.11-0ubuntu27.9
OR
canonicalapportMatch2.20.11-0ubuntu27.10
OR
canonicalapportMatch2.20.11-0ubuntu27.11
OR
canonicalapportMatch2.20.11-0ubuntu27.12
OR
canonicalapportMatch2.20.11-0ubuntu27.13
OR
canonicalapportMatch2.20.11-0ubuntu27.14
OR
canonicalapportMatch2.20.11-0ubuntu27.16
OR
canonicalapportMatch2.20.11-0ubuntu27.17
OR
canonicalapportMatch2.20.11-0ubuntu27.18
Node
canonicalubuntu_linuxMatch21.04
AND
canonicalapportMatch2.20.11-0ubuntu28
OR
canonicalapportMatch2.20.11-0ubuntu29
OR
canonicalapportMatch2.20.11-0ubuntu30
OR
canonicalapportMatch2.20.11-0ubuntu31
OR
canonicalapportMatch2.20.11-0ubuntu32
OR
canonicalapportMatch2.20.11-0ubuntu33
OR
canonicalapportMatch2.20.11-0ubuntu34
OR
canonicalapportMatch2.20.11-0ubuntu35
OR
canonicalapportMatch2.20.11-0ubuntu36
OR
canonicalapportMatch2.20.11-0ubuntu37
OR
canonicalapportMatch2.20.11-0ubuntu38
OR
canonicalapportMatch2.20.11-0ubuntu39
OR
canonicalapportMatch2.20.11-0ubuntu40
OR
canonicalapportMatch2.20.11-0ubuntu41
OR
canonicalapportMatch2.20.11-0ubuntu42
OR
canonicalapportMatch2.20.11-0ubuntu43
OR
canonicalapportMatch2.20.11-0ubuntu44
OR
canonicalapportMatch2.20.11-0ubuntu45
OR
canonicalapportMatch2.20.11-0ubuntu46
OR
canonicalapportMatch2.20.11-0ubuntu47
OR
canonicalapportMatch2.20.11-0ubuntu48
OR
canonicalapportMatch2.20.11-0ubuntu49
OR
canonicalapportMatch2.20.11-0ubuntu50
OR
canonicalapportMatch2.20.11-0ubuntu50.1
OR
canonicalapportMatch2.20.11-0ubuntu50.2
OR
canonicalapportMatch2.20.11-0ubuntu50.3
OR
canonicalapportMatch2.20.11-0ubuntu50.5
OR
canonicalapportMatch2.20.11-0ubuntu50.7
OR
canonicalapportMatch2.20.11-0ubuntu51
OR
canonicalapportMatch2.20.11-0ubuntu52
OR
canonicalapportMatch2.20.11-0ubuntu53
OR
canonicalapportMatch2.20.11-0ubuntu54
OR
canonicalapportMatch2.20.11-0ubuntu55
OR
canonicalapportMatch2.20.11-0ubuntu56
OR
canonicalapportMatch2.20.11-0ubuntu57
OR
canonicalapportMatch2.20.11-0ubuntu58
OR
canonicalapportMatch2.20.11-0ubuntu59
OR
canonicalapportMatch2.20.11-0ubuntu60
OR
canonicalapportMatch2.20.11-0ubuntu61
OR
canonicalapportMatch2.20.11-0ubuntu62
OR
canonicalapportMatch2.20.11-0ubuntu63
OR
canonicalapportMatch2.20.11-0ubuntu64
OR
canonicalapportMatch2.20.11-0ubuntu65
OR
canonicalapportMatch2.20.11-0ubuntu65.1
VendorProductVersionCPE
canonicalubuntu_linux14.04cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:*:*:*:*
canonicalapport2.14.1-0ubuntu1cpe:2.3:a:canonical:apport:2.14.1-0ubuntu1:*:*:*:*:*:*:*
canonicalapport2.14.1-0ubuntu2cpe:2.3:a:canonical:apport:2.14.1-0ubuntu2:*:*:*:*:*:*:*
canonicalapport2.14.1-0ubuntu3cpe:2.3:a:canonical:apport:2.14.1-0ubuntu3:*:*:*:*:*:*:*
canonicalapport2.14.1-0ubuntu3.1cpe:2.3:a:canonical:apport:2.14.1-0ubuntu3.1:*:*:*:*:*:*:*
canonicalapport2.14.1-0ubuntu3.2cpe:2.3:a:canonical:apport:2.14.1-0ubuntu3.2:*:*:*:*:*:*:*
canonicalapport2.14.1-0ubuntu3.3cpe:2.3:a:canonical:apport:2.14.1-0ubuntu3.3:*:*:*:*:*:*:*
canonicalapport2.14.1-0ubuntu3.4cpe:2.3:a:canonical:apport:2.14.1-0ubuntu3.4:*:*:*:*:*:*:*
canonicalapport2.14.1-0ubuntu3.5cpe:2.3:a:canonical:apport:2.14.1-0ubuntu3.5:*:*:*:*:*:*:*
canonicalapport2.14.1-0ubuntu3.6cpe:2.3:a:canonical:apport:2.14.1-0ubuntu3.6:*:*:*:*:*:*:*
Rows per page:
1-10 of 1751

CNA Affected

[
  {
    "product": "apport",
    "vendor": "Canonical",
    "versions": [
      {
        "lessThan": "2.14.1-0ubuntu3.29+esm8",
        "status": "affected",
        "version": "2.14.1",
        "versionType": "custom"
      },
      {
        "lessThan": "2.20.1-0ubuntu2.30+esm2",
        "status": "affected",
        "version": "2.20.1",
        "versionType": "custom"
      },
      {
        "lessThan": "2.20.9-0ubuntu7.26",
        "status": "affected",
        "version": "2.20.9",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "2.20.11-0ubuntu65.3",
            "status": "unaffected"
          }
        ],
        "lessThan": "2.20.11-0ubuntu27.20",
        "status": "affected",
        "version": "2.20.11",
        "versionType": "custom"
      }
    ]
  }
]

Related

nvd 1
cvelist 1
ubuntucve 1
prion 1
openvas 2
nessus 2
osv 2
ubuntu 2
nvd
nvd
CVE-2021-3710
2021-10-01 03:15:07
cvelist
cvelist
CVE-2021-3710 Apport info disclosure via path traversal bug in read_file
2021-10-01 02:35:22
ubuntucve
ubuntucve
CVE-2021-3710
2021-09-14 00:00:00
prion
prion
Path traversal
2021-10-01 03:15:00
openvas
openvas
Ubuntu: Security Advisory (USN-5077-2)
2022-08-26 00:00:00
Ubuntu: Security Advisory (USN-5077-1)
2021-09-15 00:00:00
nessus
nessus
Ubuntu 16.04 ESM : Apport vulnerabilities (USN-5077-2)
2021-09-14 00:00:00
Ubuntu 18.04 LTS / 20.04 LTS : Apport vulnerabilities (USN-5077-1)
2021-09-14 00:00:00
osv
osv
apport vulnerabilities
2021-09-14 13:21:29
apport vulnerabilities
2021-09-14 11:54:26
ubuntu
ubuntu
Apport vulnerabilities
2021-09-14 00:00:00
Apport vulnerabilities
2021-09-14 00:00:00

CVSS2

4.7

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:C/I:N/A:N

CVSS3

6.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

AI Score

5

Confidence

High

EPSS

0.001

Percentile

27.8%

JSON
Related for CVE-2021-3710
nvd1cvelist1ubuntucve1prion1openvas2nessus2osv2ubuntu2