CVE-2021-3326

Published Jan 27, 2021
Last updated 3 months ago
CVSS high 7.5
Overview

Description: The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.
Source: cve@mitre.org
NVD status: Modified
Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH
CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P
Weaknesses

nvd@nist.gov: CWE-617
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "290E9831-5E7A-4EE8-9496-FF8C590038F2",
            "versionEndIncluding": "2.32.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7402489D-85E5-4662-BF87-259740DC72F8",
            "versionEndIncluding": "11.60.3",
            "versionStartIncluding": "11.0"
          },
          {
            "criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DAEB09CA-9352-43CD-AF66-92BE416E039C"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:m10-1_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5E63B7B2-409A-476E-BA12-2A2D2F3B85DE",
            "versionEndExcluding": "xcp2410"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:m10-1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "983D27DE-BC89-454E-AE47-95A26A3651E2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:m10-4_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ADB5D4C9-DA14-4188-9181-17336F9445F6",
            "versionEndExcluding": "xcp2410"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:m10-4:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5825AEE1-B668-40BD-86A9-2799430C742C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:m10-4s_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B65E2F3-57EC-46C0-BB4A-0A0F3F8D387E",
            "versionEndExcluding": "xcp2410"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:m10-4s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3DA2D526-BDCF-4A65-914A-B3BA3A0CD613"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:m12-1_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90B7CFBF-761C-4EAA-A322-EF5E294AADED",
            "versionEndExcluding": "xcp2410"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:m12-1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EE0CF40B-E5BD-4558-9321-184D58EF621D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:m12-2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "48B28ABF-7E1A-4A1E-8F78-0D95D7BDF886",
            "versionEndExcluding": "xcp2410"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:m12-2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0F3C9C09-7B2B-4DB6-8BE0-35302ED35776"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:m12-2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "48B28ABF-7E1A-4A1E-8F78-0D95D7BDF886",
            "versionEndExcluding": "xcp2410"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:m12-2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0F3C9C09-7B2B-4DB6-8BE0-35302ED35776"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:m12-2s_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E74AAF52-1388-4BD9-B17B-3A6A32CA3608",
            "versionEndExcluding": "xcp2410"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:m12-2s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "95503CE5-1D06-4092-A60D-D310AADCAFB1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:m10-1_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A107698C-9C63-44A9-8A2B-81EDD5702B4C",
            "versionEndExcluding": "xcp3110"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:m10-1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "983D27DE-BC89-454E-AE47-95A26A3651E2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:m10-4_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0FC0460E-4695-44FB-99EE-28B2C957B760",
            "versionEndExcluding": "xcp3110"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:m10-4:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5825AEE1-B668-40BD-86A9-2799430C742C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:m10-4s_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD54A092-85A7-4459-9C69-19E6E24AC24B",
            "versionEndExcluding": "xcp3110"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:m10-4s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3DA2D526-BDCF-4A65-914A-B3BA3A0CD613"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:m12-1_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F813DBC-BA1E-4C73-AA11-1BD3F9508372",
            "versionEndExcluding": "xcp3110"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:m12-1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EE0CF40B-E5BD-4558-9321-184D58EF621D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:m12-2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EFDF4F39-1C6C-4AD3-99CF-BD5B44B8C71B",
            "versionEndExcluding": "xcp3110"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:m12-2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0F3C9C09-7B2B-4DB6-8BE0-35302ED35776"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:m12-2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EFDF4F39-1C6C-4AD3-99CF-BD5B44B8C71B",
            "versionEndExcluding": "xcp3110"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:m12-2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0F3C9C09-7B2B-4DB6-8BE0-35302ED35776"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:m12-2s_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "416B805F-799A-4466-AC5A-93D083A2ABBD",
            "versionEndExcluding": "xcp3110"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:m12-2s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "95503CE5-1D06-4092-A60D-D310AADCAFB1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References
