What is CVE-2021-32521?

CVE-2021-32521 is a high-severity vulnerability in Qsan Sanos, classified under Use of Hard-coded Password. CVSS score: 7.3/10. Published 2021-07-07.

How severe is CVE-2021-32521?

High severity. CVSS v3 base score is 7.3 out of 10.

Vulnerability in Qsan Sanos

CVE-2021-32521

Use of MAC address as an authenticated password in QSAN Storage Manager, XEVO, SANOS allows local attackers to escalate privileges. Suggest contacting with QSAN and refer to recommendations in QSAN Document.

EPSS: 0.003 (53.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.3 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L.

Affected products

Qsan Sanos — versions unspecified
Qsan Storage Manager — versions unspecified
Qsan Xevo — versions unspecified

Weakness classification (CWE)

CWE-259 — Use of Hard-coded Password

References

www.twcert.org.tw/tw/cp-132-4877-7b696-1.html (x_refsource_MISC)

Frequently asked questions

What is CVE-2021-32521?: CVE-2021-32521 is a high-severity vulnerability in Qsan Sanos, classified under Use of Hard-coded Password. CVSS score: 7.3/10. Published 2021-07-07.
How severe is CVE-2021-32521?: High severity. CVSS v3 base score is 7.3 out of 10.