Lucene search

K
cve[email protected]CVE-2021-35083
HistoryJun 14, 2022 - 10:15 a.m.

CVE-2021-35083

2022-06-1410:15:00
CWE-125
web.nvd.nist.gov
53
2
cve
2021
35083
out of bound read
validation
certificate chain
ssl
internet key exchange
snapdragon auto
snapdragon compute
snapdragon connectivity
snapdragon consumer electronics connectivity
snapdragon consumer iot
snapdragon industrial iot
snapdragon mobile
snapdragon voice & music
snapdragon wearables
nvd

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

9 High

AI Score

Confidence

High

9.4 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:N/A:C

0.001 Low

EPSS

Percentile

47.7%

Possible out of bound read due to improper validation of certificate chain in SSL or Internet key exchange in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Social References

More

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

9 High

AI Score

Confidence

High

9.4 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:N/A:C

0.001 Low

EPSS

Percentile

47.7%

Related for CVE-2021-35083