Integer overflow in Netapp Management_services_for_element_software
CVE-2021-32687
Redis is an open source, in-memory database that persists on disk. An integer overflow bug affecting all versions of Redis can be exploited to corrupt the heap and potentially be used to leak arbitrary contents of the heap or trigger remot…
Vulnerability class: Integer Overflow
EPSS: 0.038 (88.6th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Netapp Management_services_for_element_software
- Netapp Management_services_for_netapp_hci
- Oracle Communications_operations_monitor — versions 4.3, 4.4, 5.0
- Redis — versions < 5.0.14, >= 6.0.0, < 6.0.16, >= 6.2.0, < 6.2.6
- Debian Debian_linux — versions 10.0, 11.0
- Fedoraproject Fedora — versions 33, 34, 35
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM, Third Party Advisory)
- security-advisories@github.com (Patch, Third Party Advisory, x_refsource_MISC)
- security-advisories@github.com (x_refsource_FEDORA, vendor-advisory)
- security-advisories@github.com (x_refsource_FEDORA, vendor-advisory)
- security-advisories@github.com (x_refsource_FEDORA, vendor-advisory)
- security-advisories@github.com (vendor-advisory, Third Party Advisory, x_refsource_DEBIAN)
- security-advisories@github.com (Patch, Third Party Advisory, x_refsource_MISC)
- security-advisories@github.com (x_refsource_CONFIRM, Third Party Advisory)
- security-advisories@github.com (vendor-advisory, Third Party Advisory, x_refsource_GENTOO)
Frequently asked questions
- What is CVE-2021-32687?
- CVE-2021-32687 is a high-severity vulnerability in Netapp Management_services_for_element_software, classified under Integer Overflow or Wraparound. CVSS score: 7.5/10. Published 2021-10-04.
- How severe is CVE-2021-32687?
- High severity. CVSS v3 base score is 7.5 out of 10.