Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2021-46705
HistoryMar 16, 2022 - 10:15 a.m.

CVE-2021-46705

2022-03-1610:15:08
CWE-377
[email protected]
web.nvd.nist.gov
6
grub-once
insecure
file vulnerability
local attackers
arbitrary files

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

CVSS3

4.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

EPSS

0

Percentile

5.1%

JSON

A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE Linux Enterprise Server 15 SP4, openSUSE Factory allows local attackers to truncate arbitrary files. This issue affects: SUSE Linux Enterprise Server 15 SP4 grub2 versions prior to 2.06-150400.7.1. SUSE openSUSE Factory grub2 versions prior to 2.06-18.1.

Affected configurations

Nvd
Node
suselinux_enterprise_serverMatch15sp4
AND
gnugrub2Range<2.06-150400.7.1
Node
opensusefactoryMatch-
AND
gnugrub2Range<2.06-18.1
VendorProductVersionCPE
suselinux_enterprise_server15cpe:2.3:o:suse:linux_enterprise_server:15:sp4:*:*:*:*:*:*
gnugrub2*cpe:2.3:a:gnu:grub2:*:*:*:*:*:*:*:*
opensusefactory-cpe:2.3:a:opensuse:factory:-:*:*:*:*:*:*:*

Related

cvelist 1
prion 1
debiancve 1
cve 1
rosalinux 1
cvelist
cvelist
CVE-2021-46705 grub2-once uses fixed file name in /var/tmp
2022-03-16 09:50:10
prion
prion
Design/Logic Flaw
2022-03-16 10:15:00
debiancve
debiancve
CVE-2021-46705
2022-03-16 10:15:08
cve
cve
CVE-2021-46705
2022-03-16 10:15:08
rosalinux
rosalinux
Advisory ROSA-SA-2024-2461
2024-07-31 09:54:19

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

CVSS3

4.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

EPSS

0

Percentile

5.1%

JSON
Related for NVD:CVE-2021-46705
cvelist1prion1debiancve1cve1rosalinux1