Executive Summary

Informations
Name CVE-2021-27216 First vendor Publication 2021-05-06
Vendor Cve Last vendor Modification 2022-06-28

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
Overall CVSS Score 6.3
Base Score 6.3 Environmental Score 6.3
impact SubScore 5.2 Temporal Score 6.3
Exploitabality Sub Score 1
 
Attack Vector Local Attack Complexity High
Privileges Required Low User Interaction None
Scope Unchanged Confidentiality Impact None
Integrity Impact High Availability Impact High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:M/Au:N/C:N/I:C/A:C)
Cvss Base Score 6.3 Attack Range Local
Cvss Impact Score 9.2 Attack Complexity Medium
Cvss Expoit Score 3.4 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Exim 4 before 4.94.2 has Execution with Unnecessary Privileges. By leveraging a delete_pid_file race condition, a local user can delete arbitrary files as root. This involves the -oP and -oPX options.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27216

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-362 Race Condition

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 141

Sources (Detail)

Source Url
MISC https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28007-LFDIR...

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
Date Informations
2022-10-21 01:58:49
  • Multiple Updates
2022-07-08 01:58:17
  • Multiple Updates
2021-05-14 05:22:48
  • Multiple Updates
2021-05-06 17:28:43
  • Multiple Updates
2021-05-06 17:23:04
  • First insertion