7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.004 Low
EPSS
Percentile
73.0%
A vulnerability in the email parsing module in Clam AntiVirus (ClamAV)
Software version 0.103.1 and all prior versions could allow an
unauthenticated, remote attacker to cause a denial of service condition on
an affected device. The vulnerability is due to improper variable
initialization that may result in an NULL pointer read. An attacker could
exploit this vulnerability by sending a crafted email to an affected
device. An exploit could allow the attacker to cause the ClamAV scanning
process crash, resulting in a denial of service condition.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | clamav | < 0.103.2+dfsg-0ubuntu0.18.04.1 | UNKNOWN |
ubuntu | 20.04 | noarch | clamav | < 0.103.2+dfsg-0ubuntu0.20.04.1 | UNKNOWN |
ubuntu | 20.10 | noarch | clamav | < 0.103.2+dfsg-0ubuntu0.20.10.1 | UNKNOWN |
ubuntu | 14.04 | noarch | clamav | < 0.103.2+dfsg-0ubuntu0.14.04.1+esm1) Available with Ubuntu Pro or Ubuntu Pro (Infra-only | UNKNOWN |
ubuntu | 16.04 | noarch | clamav | < 0.103.2+dfsg-0ubuntu0.16.04.1 | UNKNOWN |
blog.clamav.net/2021/04/clamav-01032-security-patch-release.html
launchpad.net/bugs/cve/CVE-2021-1405
nvd.nist.gov/vuln/detail/CVE-2021-1405
security-tracker.debian.org/tracker/CVE-2021-1405
ubuntu.com/security/notices/USN-4918-1
ubuntu.com/security/notices/USN-4918-2
ubuntu.com/security/notices/USN-4918-3
www.cve.org/CVERecord?id=CVE-2021-1405
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.004 Low
EPSS
Percentile
73.0%