CVE-2021-3772

Published Mar 2, 2022
Last updated 2 years ago
CVSS medium 6.5
Overview

Description: A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses.
Source: secalert@redhat.com
NVD status: Modified
Risk scores

CVSS 3.1

Type: Primary
Base score: 6.5
Impact score: 4.2
Exploitability score: 2.2
Vector string: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
Severity: MEDIUM
CVSS 2.0

Type: Primary
Base score: 5.8
Impact score: 4.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:P
Weaknesses

secalert@redhat.com: CWE-354
nvd@nist.gov: CWE-354
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "103D9D8F-806F-4043-80C3-73831775798E",
            "versionEndExcluding": "5.15.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"
          },
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56"
          },
          {
            "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838"
          },
          {
            "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8AFF1109-26F3-43A5-A4CB-0F169FDBC0DE"
          },
          {
            "criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5AF71C49-ADEF-4EE2-802C-6159ADD51355"
          },
          {
            "criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B3BC6E59-2134-4A28-AAD2-77C8AE236BCF"
          },
          {
            "criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.25:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24377899-5389-4BDC-AC82-0E4186F4DE53"
          },
          {
            "criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "23FE83DE-AE7C-4313-88E3-886110C31302"
          },
          {
            "criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30.5r3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "490B327B-AC20-419B-BB76-8AB6971304BB"
          },
          {
            "criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8DCE2754-7A9E-4B3B-91D1-DCF90C1BABE5"
          },
          {
            "criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.3r2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6CA74E8B-51E2-4A7C-8A98-0583D31134A6"
          },
          {
            "criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7B64AB37-A1D9-4163-A51B-4C780361F1F1"
          },
          {
            "criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7BE9C9D7-9CED-4184-A190-1024A6FB8C82"
          },
          {
            "criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B73D4C3C-A511-4E14-B19F-91F561ACB1B8"
          },
          {
            "criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:p1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C47D72C-9B6B-4E52-AF0E-56AD58E4A930"
          },
          {
            "criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "039C3790-5AA2-4895-AEAE-CC84A71DB907"
          },
          {
            "criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4592238-D1F2-43D6-9BAB-2F63ECF9C965"
          },
          {
            "criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0BA78068-80E9-4E49-9056-88EAB7E3682C"
          },
          {
            "criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "092F366C-E8B0-4BE5-B106-0B7A73B08D34"
          },
          {
            "criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E7992E92-B159-4810-B895-01A9B944058A"
          },
          {
            "criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5BDD7AAB-2BF3-4E8C-BEE2-5217E2926C11"
          },
          {
            "criteria": "cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D6D700C5-F67F-4FFB-BE69-D524592A3D2E"
          },
          {
            "criteria": "cpe:2.3:a:netapp:solidfire_\\&_hci_storage_node:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D452B464-1200-4B72-9A89-42DC58486191"
          },
          {
            "criteria": "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD7447BC-F315-4298-A822-549942FC118B"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "89612649-BACF-4FAC-9BA4-324724FD93A6"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netapp:h610c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F3D9B255-C1AF-42D1-BF9B-13642FBDC080"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD7CFE0E-9D1E-4495-B302-89C3096FC0DF"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F63A3FA7-AAED-4A9D-9FDE-6195302DA0F6"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5921A877-18BF-43FE-915C-D226E140ACFC"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netapp:h615c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7296A1F2-D315-4FD5-8A73-65C480C855BE"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References
