What is CVE-2021-47974?

CVE-2021-47974 is a high-severity vulnerability in Vxsearch Vx Search, classified under Unquoted Search Path or Element. CVSS score: 7.8/10. Published 2026-05-16.

How severe is CVE-2021-47974?

High severity. CVSS v3 base score is 7.8 out of 10.

Vulnerability in Vxsearch Vx Search

CVE-2021-47974

VX Search 13.5.28 contains an unquoted service path vulnerability in both VX Search Server and VX Search Enterprise services that allows local attackers to escalate privileges. Attackers can place malicious executables in unquoted path dir…

EPSS: 0.000 (2.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Vxsearch Vx Search — versions 13.5.28

Weakness classification (CWE)

CWE-428 — Unquoted Search Path or Element

References

disclosure@vulncheck.com (exploit)
disclosure@vulncheck.com (product)
disclosure@vulncheck.com (third-party-advisory)

Frequently asked questions

What is CVE-2021-47974?: CVE-2021-47974 is a high-severity vulnerability in Vxsearch Vx Search, classified under Unquoted Search Path or Element. CVSS score: 7.8/10. Published 2026-05-16.
How severe is CVE-2021-47974?: High severity. CVSS v3 base score is 7.8 out of 10.