CVE-2021-29215

{"id": "CVE-2021-29215", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2022-01-18T17:15:08.267", "references": [{"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbez04196en_us", "tags": ["Vendor Advisory"], "source": "security-alert@hpe.com"}, {"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbez04196en_us", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "A potential security vulnerability in HPE Ezmeral Data Fabric that may allow a remote access restriction bypass in the TEZ MapR ecosystem component was discovered in version(s): Prior to Tez-0.8: mapr-tez-0.8.201907081100-1.noarch; prior to Tez-0.9: mapr-tez-0.9.201907090334-1.noarch; prior to Tez-0.9.2: mapr-tez-0.9.2.0.201907081043-1.noarch. HPE has provided software updates to resolve the vulnerability in the TEZ MapR ecosystem component in HPE Ezmeral Data Fabric."}, {"lang": "es", "value": "Se ha detectado una posible vulnerabilidad de seguridad en HPE Ezmeral Data Fabric que puede permitir una omisi\u00f3n de restricci\u00f3n de acceso remoto en el componente del ecosistema TEZ MapR en las versiones Anteriores a Tez-0.8: mapr-tez-0.8.201907081100-1.noarch; anteriores a Tez-0.9: mapr-tez-0.9.201907090334-1.noarch; anteriores a Tez-0.9.2: mapr-tez-0.9.2.0.201907081043-1.noarch. HPE ha proporcionado actualizaciones de software para resolver la vulnerabilidad en el componente del ecosistema TEZ MapR en HPE Ezmeral Data Fabric"}], "lastModified": "2024-11-21T06:00:50.547", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hpe:tez:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4FBA9289-6DB0-4AF4-AD39-AB3762607474", "versionEndIncluding": "0.8.201907081100-1.noarch", "versionStartIncluding": "0.8"}, {"criteria": "cpe:2.3:a:hpe:tez:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F7DF1E5-8DEB-454F-A00F-DE0AEE3D884D", "versionEndExcluding": "0.9.201907090334-1.noarch", "versionStartIncluding": "0.9"}, {"criteria": "cpe:2.3:a:hpe:tez:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BFFC8A68-7DCB-4F73-A158-543CE9AB6ECF", "versionEndIncluding": "0.9.2.0.201907081043-1.noarch", "versionStartIncluding": "0.9.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hpe:ezmeral_data_fabric:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F5BCF94C-4525-43AB-AFE1-8840F8C21A6F"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "security-alert@hpe.com"}