What is CVE-2021-32512?

CVE-2021-32512 is a critical-severity vulnerability in Qsan Storage Manager, classified under OS Command Injection. CVSS score: 9.8/10. Published 2021-07-07.

How severe is CVE-2021-32512?

Critical severity. CVSS v3 base score is 9.8 out of 10.

RCE in Qsan Storage Manager

CVE-2021-32512

QuickInstall in QSAN Storage Manager does not filter special parameters properly that allows remote unauthenticated attackers to inject and execute arbitrary commands. The referred vulnerability has been solved with the updated version of…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.012 (79.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Qsan Storage Manager — versions unspecified

Weakness classification (CWE)

CWE-78 — OS Command Injection

References

www.twcert.org.tw/tw/cp-132-4868-75574-1.html (x_refsource_MISC)

Frequently asked questions

What is CVE-2021-32512?: CVE-2021-32512 is a critical-severity vulnerability in Qsan Storage Manager, classified under OS Command Injection. CVSS score: 9.8/10. Published 2021-07-07.
How severe is CVE-2021-32512?: Critical severity. CVSS v3 base score is 9.8 out of 10.