What is CVE-2021-32672?

CVE-2021-32672 is a medium-severity vulnerability in Netapp Management_services_for_element_software, classified under Out-of-bounds Read. CVSS score: 5.3/10. Published 2021-10-04.

How severe is CVE-2021-32672?

Medium severity. CVSS v3 base score is 5.3 out of 10.

Out-of-bounds Read in Netapp Management_services_for_element_software

CVE-2021-32672

Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all…

Vulnerability class: Buffer Overflow

EPSS: 0.017 (74.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N.

Affected products

Netapp Management_services_for_element_software
Netapp Management_services_for_netapp_hci
Oracle Communications_operations_monitor — versions 4.3, 4.4, 5.0
Redis — versions >= 3.2.0, < 5.0.14, >= 6.0.0, < 6.0.16, >= 6.0.0, < 6.2.6
Debian Debian_linux — versions 10.0, 11.0
Fedoraproject Fedora — versions 33, 34, 35
Redhat Enterprise_linux — versions 8.0
Redhat Software_collections

Weakness classification (CWE)

CWE-125 — Out-of-bounds Read

References

security-advisories@github.com (x_refsource_CONFIRM, Third Party Advisory)
security-advisories@github.com (Patch, Third Party Advisory, x_refsource_MISC)
security-advisories@github.com (x_refsource_FEDORA, vendor-advisory)
security-advisories@github.com (x_refsource_FEDORA, vendor-advisory)
security-advisories@github.com (x_refsource_FEDORA, vendor-advisory)
security-advisories@github.com (vendor-advisory, Third Party Advisory, x_refsource_DEBIAN)
security-advisories@github.com (Patch, Third Party Advisory, x_refsource_MISC)
security-advisories@github.com (x_refsource_CONFIRM, Third Party Advisory)
security-advisories@github.com (vendor-advisory, Third Party Advisory, x_refsource_GENTOO)

Frequently asked questions

What is CVE-2021-32672?: CVE-2021-32672 is a medium-severity vulnerability in Netapp Management_services_for_element_software, classified under Out-of-bounds Read. CVSS score: 5.3/10. Published 2021-10-04.
How severe is CVE-2021-32672?: Medium severity. CVSS v3 base score is 5.3 out of 10.