Vulnerability in Att Xmill
CVE-2021-21814
Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to strlen to determine the ending location of the char* passed in by the user, n…
EPSS: 0.003 (26.3th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Att Xmill — versions 0.7
- N/a At&t — versions AT&T Labs Xmill 0.7
Weakness classification (CWE)
References
- talos-cna@cisco.com (Exploit, Third Party Advisory, x_refsource_MISC)
Frequently asked questions
- What is CVE-2021-21814?
- CVE-2021-21814 is a high-severity vulnerability in Att Xmill, classified under Argument Injection. CVSS score: 7.8/10. Published 2021-08-13.
- How severe is CVE-2021-21814?
- High severity. CVSS v3 base score is 7.8 out of 10.