Lucene search

[email protected]NVD:CVE-2021-32024

HistoryDec 13, 2021 - 7:15 p.m.

CVE-2021-32024

2021-12-1319:15:07

[email protected]

web.nvd.nist.gov

cve-2021-32024

bmp image codec

blackberry qnx sdp

remote code execution

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.006

Percentile

79.1%

JSON

A remote code execution vulnerability in the BMP image codec of BlackBerry QNX SDP version(s) 6.4 to 7.1 could allow an attacker to potentially execute code in the context of the affected process.

Affected configurations

Nvd

Node

blackberryqnx_software_development_platformRange6.4.0–7.1

VendorProductVersionCPE
blackberryqnx_software_development_platform*cpe:2.3:a:blackberry:qnx_software_development_platform:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
blackberry	qnx_software_development_platform	*	cpe:2.3:a:blackberry:qnx_software_development_platform::::::::

References

support.blackberry.com/kb/articleDetail?articleNumber=000089042

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.006

Percentile

79.1%

JSON

Related for NVD:CVE-2021-32024

cve1 prion1 cvelist1