7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.2 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Software: glibc 2.28
OS: ROSA Virtualization 2.1
package_evr_string: glibc-2.28-225.rv3.src.rpm
CVE-ID: CVE-2021-3999
BDU-ID: 2022-01635
CVE-Crit: CRITICAL.
CVE-DESC.: A vulnerability in the getcwd() function of the glibc system library is associated with a single offset error. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code by sending specially generated data to the application
CVE-STATUS: Resolved
CVE-REV: Run the yum update glibc command to close it.
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.2 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%