CVE-2021-32024

{"id": "CVE-2021-32024", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2021-12-13T19:15:07.840", "references": [{"url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000089042", "tags": ["Patch", "Vendor Advisory"], "source": "secure@blackberry.com"}, {"url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000089042", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "A remote code execution vulnerability in the BMP image codec of BlackBerry QNX SDP version(s) 6.4 to 7.1 could allow an attacker to potentially execute code in the context of the affected process."}, {"lang": "es", "value": "Una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota en el c\u00f3dec de im\u00e1genes BMP de BlackBerry QNX SDP versiones 6.4 a 7.1, podr\u00eda permitir a un atacante ejecutar potencialmente c\u00f3digo en el contexto del proceso afectado"}], "lastModified": "2024-11-21T06:06:44.233", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:blackberry:qnx_software_development_platform:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6421B8DD-71CF-42E4-8C89-A91E7FFC9D65", "versionEndIncluding": "7.1", "versionStartIncluding": "6.4.0"}], "operator": "OR"}]}], "sourceIdentifier": "secure@blackberry.com"}