CVE-2021-4034

Red Hat Polkit Out-of-Bounds Read and Write Vulnerability

Severity Score

7.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

170

*Multiple Sources

Exploited in Wild

Yes

*KEV

Decision

Act

*SSVC

Descriptions

A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.

Se encontró una vulnerabilidad de escalada de privilegios local en la utilidad pkexec de polkit. La aplicación pkexec es una herramienta setuid diseñada para permitir a usuarios sin privilegios ejecutar comandos como usuarios privilegiados de acuerdo con políticas predefinidas. La versión actual de pkexec no maneja correctamente el recuento de parámetros de llamada y termina intentando ejecutar variables de entorno como comandos. Un atacante puede aprovechar esto creando variables de entorno de tal manera que induzcan a pkexec a ejecutar código arbitrario. Cuando se ejecuta con éxito, el ataque puede provocar una escalada de privilegios locales otorgando a los usuarios sin privilegios derechos administrativos en la máquina de destino.

Red Hat Advanced Cluster Management for Kubernetes 2.4.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Issues addressed include denial of service, open redirection, privilege escalation, and traversal vulnerabilities.

The Red Hat polkit pkexec utility contains an out-of-bounds read and write vulnerability that allows for privilege escalation with administrative rights.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Act

Exploitation

Active

Automatable

Tech. Impact

Total

* Organization's Worst-case Scenario

Timeline

2021-11-29 CVE Reserved
2022-01-25 First Exploit
2022-01-26 CVE Published
2022-06-27 Exploited in Wild
2022-07-18 KEV Due Date
2025-02-13 CVE Updated
2025-03-24 EPSS Updated

CWE

CWE-20: Improper Input Validation
CWE-125: Out-of-bounds Read
CWE-787: Out-of-bounds Write

CAPEC

References (179)

URL	Tag	Source
http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html	Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf	Third Party Advisory
https://www.starwindsoftware.com/security/sw-20220818-0001	Third Party Advisory
https://www.suse.com/support/kb/doc/?id=000020564	Third Party Advisory

URL	Date	SRC
https://packetstorm.news/files/id/166196	2022-03-03
https://packetstorm.news/files/id/165728	2022-01-26
https://packetstorm.news/files/id/165729	2022-01-26
https://packetstorm.news/files/id/165739	2022-01-27
https://packetstorm.news/files/id/165727	2022-01-26
https://packetstorm.news/files/id/166200	2022-03-04
https://www.exploit-db.com/exploits/50689	2022-01-27
https://github.com/berdav/CVE-2021-4034	2022-01-30
https://github.com/arthepsy/CVE-2021-4034	2022-01-26
https://github.com/PwnFunction/CVE-2021-4034	2022-04-09
https://github.com/joeammond/CVE-2021-4034	2022-01-28
https://github.com/nikaiw/CVE-2021-4034	2022-01-26
https://github.com/ryaagard/CVE-2021-4034	2022-01-26
https://github.com/Rvn0xsy/CVE-2021-4034	2022-01-28
https://github.com/Ayrx/CVE-2021-4034	2022-01-27
https://github.com/zhzyker/CVE-2021-4034	2022-01-27
https://github.com/EstamelGG/CVE-2021-4034-NoGCC	2022-02-09
https://github.com/c3c/CVE-2021-4034	2022-03-30
https://github.com/dadvlingd/CVE-2021-4034	2023-02-19
https://github.com/mebeim/CVE-2021-4034	2022-01-26
https://github.com/ck00004/CVE-2021-4034	2022-02-15
https://github.com/NeonWhiteRabbit/CVE-2021-4034	2022-01-28
https://github.com/rvizx/CVE-2021-4034	2022-07-19
https://github.com/Y3A/CVE-2021-4034	2023-07-20
https://github.com/An00bRektn/CVE-2021-4034	2022-01-27
https://github.com/chenaotian/CVE-2021-4034	2022-05-23
https://github.com/Al1ex/CVE-2021-4034	2022-01-27
https://github.com/Audiobahn/CVE-2021-4034	2022-01-26
https://github.com/Yakumwamba/POC-CVE-2021-4034	2022-01-28
https://github.com/NiS3x/CVE-2021-4034	2022-01-27
https://github.com/Kirill89/CVE-2021-4034	2022-01-28
https://github.com/clubby789/CVE-2021-4034	2022-01-26
https://github.com/sofire/polkit-0.96-CVE-2021-4034	2022-01-29
https://github.com/ch4rum/CVE-2021-4034	2022-01-27
https://github.com/nobelh/CVE-2021-4034	2022-03-03
https://github.com/gbrsh/CVE-2021-4034	2022-03-16
https://github.com/dzonerzy/poc-cve-2021-4034	2024-11-16
https://github.com/ayypril/CVE-2021-4034	2023-08-02
https://github.com/wongwaituck/CVE-2021-4034	2022-01-26
https://github.com/0x05a/my-cve-2021-4034-poc	2022-01-26
https://github.com/silocityit/cve-2021-4034-playground	2022-01-25
https://github.com/J0hnbX/CVE-2021-4034-new	2022-01-26
https://github.com/Immersive-Labs-Sec/CVE-2021-4034	2023-09-27
https://github.com/kimusan/pkwner	2024-10-12
https://github.com/N1et/CVE-2021-4034	2022-01-26
https://github.com/Nero22k/CVE-2021-4034	2022-01-26
https://github.com/LukeGix/CVE-2021-4034	2022-01-26
https://github.com/aus-mate/CVE-2021-4034-POC	2022-01-26
https://github.com/moldabekov/CVE-2021-4034	2022-01-26
https://github.com/jostmart/-CVE-2021-4034	2022-01-26
https://github.com/c3l3si4n/pwnkit	2024-11-08
https://github.com/n3rdh4x0r/CVE-2021-4034	2022-01-26
https://github.com/ly4k/PwnKit	2024-12-04
https://github.com/san3ncrypt3d/CVE-2021-4034-POC	2022-01-26
https://github.com/fdellwing/CVE-2021-4034	2022-01-26
https://github.com/xcanwin/CVE-2021-4034-UniontechOS	2023-04-03
https://github.com/azminawwar/CVE-2021-4034	2022-03-23
https://github.com/PeterGottesman/pwnkit-exploit	2023-08-04
https://github.com/sunny0day/CVE-2021-4034	2022-01-26
https://github.com/artemis-mike/cve-2021-4034	2024-04-27
https://github.com/whokilleddb/CVE-2021-4034	2022-06-30
https://github.com/zcrosman/cve-2021-4034	2022-01-26
https://github.com/robemmerson/CVE-2021-4034	2022-01-26
https://github.com/luijait/PwnKit-Exploit	2024-11-07
https://github.com/Anonymous-Family/CVE-2021-4034	2022-01-26
https://github.com/phvilasboas/CVE-2021-4034	2022-01-26
https://github.com/hackingyseguridad/CVE-2021-4034	2022-11-17
https://github.com/vilasboasph/CVE-2021-4034	2022-01-28
https://github.com/callrbx/pkexec-lpe-poc	2024-12-02
https://github.com/cd80-ctf/CVE-2021-4034	2022-07-29
https://github.com/ashutoshrohilla/CVE-2021-4034	2022-04-24
https://github.com/nikip72/CVE-2021-4034	2022-01-27
https://github.com/thatstraw/CVE-2021-4034	2022-03-01
https://github.com/luckythandel/CVE-2021-4034	2022-01-27
https://github.com/Plethore/CVE-2021-4034	2022-01-27
https://github.com/evdenis/lsm_bpf_check_argc0	2024-11-22
https://github.com/tahaafarooq/poppy	2024-08-12
https://github.com/DosAmp/pkwned	2022-01-29
https://github.com/NULL0B/CVE-2021-4034	2022-01-27
https://github.com/locksec/CVE-2021-4034	2023-03-05
https://github.com/deoxykev/CVE-2021-4034-Rust	2023-05-02
https://github.com/Fato07/Pwnkit-exploit	2022-01-27
https://github.com/pengalaman-1t/CVE-2021-4034	2022-01-28
https://github.com/jpmcb/pwnkit-go	2024-01-13
https://github.com/JoyGhoshs/CVE-2021-4034	2023-12-11
https://github.com/galoget/PwnKit-CVE-2021-4034	2022-10-27
https://github.com/ayoub-elbouzi/CVE-2021-4034-Pwnkit	2022-02-08
https://github.com/Sakura-nee/CVE-2021-4034	2022-01-28
https://github.com/oreosec/pwnkit	2023-02-11
https://github.com/CYB3RK1D/CVE-2021-4034-POC	2022-03-15
https://github.com/glowbase/PwnKit-CVE-2021-4034	2022-02-06
https://github.com/codiobert/pwnkit-scanner	2022-01-30
https://github.com/v-rzh/CVE-2021-4034	2022-01-29
https://github.com/TW-D/PwnKit-Vulnerability_CVE-2021-4034	2022-01-29
https://github.com/OXDBXKXO/ez-pwnkit	2024-10-15
https://github.com/milot/dissecting-pkexec-cve-2021-4034	2022-01-30
https://github.com/0x01-sec/CVE-2021-4034-	2022-12-07
https://github.com/navisec/CVE-2021-4034-PwnKit	2024-05-24
https://github.com/Almorabea/pkexec-exploit	2024-11-09
https://github.com/teelrabbit/Polkit-pkexec-exploit-for-Linux	2022-01-31
https://github.com/scent2d/PoC-CVE-2021-4034	2022-02-01
https://github.com/HrishitJoshi/CVE-2021-4034	2022-02-02
https://github.com/Ankit-Ojha16/CVE-2021-4034	2022-02-02
https://github.com/G01d3nW01f/CVE-2021-4034	2023-01-11
https://github.com/drapl0n/pwnKit	2024-08-12
https://github.com/Joffr3y/Polkit-CVE-2021-4034-HLP	2022-02-08
https://github.com/ziadsaleemi/polkit_CVE-2021-4034	2022-02-08
https://github.com/FDlucifer/Pwnkit-go	2024-08-12
https://github.com/cspshivam/cve-2021-4034	2022-02-15
https://github.com/an0n7os/CVE-2021-4034	2022-02-12
https://github.com/DanaEpp/pwncat_pwnkit	2024-06-01
https://github.com/x04000/CVE-2021-4034	2022-02-18
https://github.com/hohn/codeql-sample-polkit	2024-11-19
https://github.com/LJP-TW/CVE-2021-4034	2022-02-19
https://github.com/fnknda/CVE-2021-4034_POC	2022-02-21
https://github.com/Tanmay-N/CVE-2021-4034	2022-02-21
https://github.com/hahaleyile/CVE-2021-4034	2022-06-22
https://github.com/movvamrocks/PwnKit-CVE-2021-4034	2022-02-28
https://github.com/Squirre17/CVE-2021-4034	2022-03-02
https://github.com/Jesrat/make_me_root	2022-03-03
https://github.com/defhacks/cve-2021-4034	2022-07-04
https://github.com/ITMarcin2211/Polkit-s-Pkexec-CVE-2021-4034	2022-03-09
https://github.com/edsonjt81/CVE-2021-4034-Linux	2022-03-10
https://github.com/nel0x/pwnkit-vulnerability	2022-06-06
https://github.com/TomSgn/CVE-2021-4034	2022-03-15
https://github.com/battleoverflow/CVE-2021-4034	2024-04-14
https://github.com/TheJoyOfHacking/berdav-CVE-2021-4034	2023-10-19
https://github.com/tzwlhack/CVE-2021-4034	2022-03-26
https://github.com/jcatala/f_poc_cve-2021-4034	2022-03-31
https://github.com/Nosferatuvjr/PwnKit	2024-11-09
https://github.com/TotallyNotAHaxxer/CVE-2021-4034	2022-12-06
https://github.com/0x4ndy/CVE-2021-4034-PoC	2022-04-26
https://github.com/antoinenguyen-09/CVE-2021-4034	2022-04-28
https://github.com/wudicainiao/cve-2021-4034	2024-10-30
https://github.com/TanmoyG1800/CVE-2021-4034	2022-06-03
https://github.com/CronoX1/CVE-2021-4034	2022-06-08
https://github.com/supportingmx/cve-2021-4034	2024-05-03
https://github.com/A1vinSmith/CVE-2021-4034	2024-04-26
https://github.com/HellGateCorp/pwnkit	2023-01-04
https://github.com/Silencecyber/cve-2021-4034	2022-08-11
https://github.com/Geni0r/cve-2021-4034-poc	2022-08-14
https://github.com/zxc2007/CVE-2021-4034	2023-03-09
https://github.com/Pixailz/CVE-2021-4034	2023-05-05
https://github.com/toecesws/CVE-2021-4034	2022-10-02
https://github.com/fei9747/CVE-2021-4034	2022-11-29
https://github.com/pyhrr0/pwnkit	2023-01-04
https://github.com/mutur4/CVE-2021-4034	2024-04-16
https://github.com/TheSermux/CVE-2021-4034	2023-06-14
https://github.com/ps-interactive/lab_cve-2021-4034-polkit-emulation-and-detection	2024-08-15
https://github.com/asepsaepdin/CVE-2021-4034	2023-07-10
https://github.com/JohnGilbert57/CVE-2021-4034-Capture-the-flag	2023-07-28
https://github.com/Part01-Pai/Polkit-Permission-promotion-compiled	2024-04-20
https://github.com/cdxiaodong/CVE-2021-4034-touch	2024-01-04
https://github.com/LucasPDiniz/CVE-2021-4034	2024-06-30
https://github.com/Pol-Ruiz/CVE-2021-4034	2024-01-16
https://github.com/cerodah/CVE-2021-4034	2024-09-19
https://github.com/FancySauce/PwnKit-CVE-2021-4034	2024-01-27
https://github.com/wechicken456/CVE-2021-4034-CTF-writeup	2024-11-06
https://github.com/ASG-CASTLE/CVE-2021-4034	2024-04-19
https://github.com/X-Projetion/Exploiting-PwnKit-CVE-2021-4034-	2024-05-19
https://github.com/evkl1d/CVE-2021-4034	2024-07-01
https://github.com/Typical0day/CVE-2021-4034	2024-07-04
https://github.com/lsclsclsc/CVE-2021-4034	2024-08-27
https://github.com/EuJin03/CVE-2021-4034-PoC	2024-10-04
https://github.com/deep-know/CVE-2021-4034	2022-11-17
https://github.com/dh4r4/PwnKit-CVE-2021-4034-	2025-01-27
https://github.com/12bijaya/CVE-2021-4034-PwnKit-	2025-02-24
http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html	2025-02-13
https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt	2025-02-13
https://www.secpod.com/blog/local-privilege-escalation-vulnerability-in-major-linux-distributions-cve-2021-4034	2025-02-13

URL	Date	SRC
https://bugzilla.redhat.com/show_bug.cgi?id=2025869	2022-02-15
https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683	2024-06-28
https://www.oracle.com/security-alerts/cpuapr2022.html	2024-06-28

URL	Date	SRC
https://access.redhat.com/security/vulnerabilities/RHSB-2022-001	2022-02-15
https://access.redhat.com/security/cve/CVE-2021-4034	2022-02-15

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Siemens Search vendor "Siemens"	Scalance Lpe9403 Firmware Search vendor "Siemens" for product "Scalance Lpe9403 Firmware"	< 2.0 Search vendor "Siemens" for product "Scalance Lpe9403 Firmware" and version " < 2.0"	-	Affected	in	Siemens Search vendor "Siemens"	Scalance Lpe9403 Search vendor "Siemens" for product "Scalance Lpe9403"	-	-	Safe
Polkit Project Search vendor "Polkit Project"		Polkit Search vendor "Polkit Project" for product "Polkit"				< 121 Search vendor "Polkit Project" for product "Polkit" and version " < 121"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Update Services For Sap Solutions Search vendor "Redhat" for product "Enterprise Linux Server Update Services For Sap Solutions"				7.6 Search vendor "Redhat" for product "Enterprise Linux Server Update Services For Sap Solutions" and version "7.6"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Update Services For Sap Solutions Search vendor "Redhat" for product "Enterprise Linux Server Update Services For Sap Solutions"				7.7 Search vendor "Redhat" for product "Enterprise Linux Server Update Services For Sap Solutions" and version "7.7"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux"				8.0 Search vendor "Redhat" for product "Enterprise Linux" and version "8.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Desktop Search vendor "Redhat" for product "Enterprise Linux Desktop"				7.0 Search vendor "Redhat" for product "Enterprise Linux Desktop" and version "7.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Eus Search vendor "Redhat" for product "Enterprise Linux Eus"				8.2 Search vendor "Redhat" for product "Enterprise Linux Eus" and version "8.2"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux For Ibm Z Systems Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems"				7.0 Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems" and version "7.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux For Ibm Z Systems Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems"				8.0 Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems" and version "8.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux For Ibm Z Systems Eus Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems Eus"				8.2 Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems Eus" and version "8.2"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux For Ibm Z Systems Eus Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems Eus"				8.4 Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems Eus" and version "8.4"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux For Power Big Endian Search vendor "Redhat" for product "Enterprise Linux For Power Big Endian"				7.0 Search vendor "Redhat" for product "Enterprise Linux For Power Big Endian" and version "7.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux For Power Little Endian Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian"				7.0 Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian" and version "7.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux For Power Little Endian Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian"				8.0 Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian" and version "8.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux For Power Little Endian Eus Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian Eus"				8.1 Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian Eus" and version "8.1"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux For Power Little Endian Eus Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian Eus"				8.2 Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian Eus" and version "8.2"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux For Power Little Endian Eus Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian Eus"				8.4 Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian Eus" and version "8.4"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux For Scientific Computing Search vendor "Redhat" for product "Enterprise Linux For Scientific Computing"				7.0 Search vendor "Redhat" for product "Enterprise Linux For Scientific Computing" and version "7.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Search vendor "Redhat" for product "Enterprise Linux Server"				6.0 Search vendor "Redhat" for product "Enterprise Linux Server" and version "6.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Search vendor "Redhat" for product "Enterprise Linux Server"				7.0 Search vendor "Redhat" for product "Enterprise Linux Server" and version "7.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				7.3 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "7.3"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				7.4 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "7.4"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				7.6 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "7.6"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				7.7 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "7.7"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				8.2 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "8.2"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				8.4 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "8.4"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Eus Search vendor "Redhat" for product "Enterprise Linux Server Eus"				8.4 Search vendor "Redhat" for product "Enterprise Linux Server Eus" and version "8.4"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Tus Search vendor "Redhat" for product "Enterprise Linux Server Tus"				7.6 Search vendor "Redhat" for product "Enterprise Linux Server Tus" and version "7.6"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Tus Search vendor "Redhat" for product "Enterprise Linux Server Tus"				7.7 Search vendor "Redhat" for product "Enterprise Linux Server Tus" and version "7.7"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Tus Search vendor "Redhat" for product "Enterprise Linux Server Tus"				8.2 Search vendor "Redhat" for product "Enterprise Linux Server Tus" and version "8.2"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Tus Search vendor "Redhat" for product "Enterprise Linux Server Tus"				8.4 Search vendor "Redhat" for product "Enterprise Linux Server Tus" and version "8.4"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Update Services For Sap Solutions Search vendor "Redhat" for product "Enterprise Linux Server Update Services For Sap Solutions"				8.1 Search vendor "Redhat" for product "Enterprise Linux Server Update Services For Sap Solutions" and version "8.1"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Update Services For Sap Solutions Search vendor "Redhat" for product "Enterprise Linux Server Update Services For Sap Solutions"				8.2 Search vendor "Redhat" for product "Enterprise Linux Server Update Services For Sap Solutions" and version "8.2"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Update Services For Sap Solutions Search vendor "Redhat" for product "Enterprise Linux Server Update Services For Sap Solutions"				8.4 Search vendor "Redhat" for product "Enterprise Linux Server Update Services For Sap Solutions" and version "8.4"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Workstation Search vendor "Redhat" for product "Enterprise Linux Workstation"				7.0 Search vendor "Redhat" for product "Enterprise Linux Workstation" and version "7.0"		-		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04"		esm		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				16.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "16.04"		esm		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				18.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "18.04"		lts		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				20.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "20.04"		lts		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				21.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "21.10"		-		Affected
Suse Search vendor "Suse"		Enterprise Storage Search vendor "Suse" for product "Enterprise Storage"				7.0 Search vendor "Suse" for product "Enterprise Storage" and version "7.0"		-		Affected
Suse Search vendor "Suse"		Linux Enterprise High Performance Computing Search vendor "Suse" for product "Linux Enterprise High Performance Computing"				15.0 Search vendor "Suse" for product "Linux Enterprise High Performance Computing" and version "15.0"		sp2		Affected
Suse Search vendor "Suse"		Manager Proxy Search vendor "Suse" for product "Manager Proxy"				4.1 Search vendor "Suse" for product "Manager Proxy" and version "4.1"		-		Affected
Suse Search vendor "Suse"		Manager Server Search vendor "Suse" for product "Manager Server"				4.1 Search vendor "Suse" for product "Manager Server" and version "4.1"		-		Affected
Suse Search vendor "Suse"		Linux Enterprise Desktop Search vendor "Suse" for product "Linux Enterprise Desktop"				15 Search vendor "Suse" for product "Linux Enterprise Desktop" and version "15"		sp2		Affected
Suse Search vendor "Suse"		Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server"				15 Search vendor "Suse" for product "Linux Enterprise Server" and version "15"		sp2		Affected
Suse Search vendor "Suse"		Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server"				15 Search vendor "Suse" for product "Linux Enterprise Server" and version "15"		sp2, sap		Affected
Suse Search vendor "Suse"		Linux Enterprise Workstation Extension Search vendor "Suse" for product "Linux Enterprise Workstation Extension"				12 Search vendor "Suse" for product "Linux Enterprise Workstation Extension" and version "12"		sp5		Affected
Oracle Search vendor "Oracle"		Http Server Search vendor "Oracle" for product "Http Server"				12.2.1.3.0 Search vendor "Oracle" for product "Http Server" and version "12.2.1.3.0"		-		Affected
Oracle Search vendor "Oracle"		Http Server Search vendor "Oracle" for product "Http Server"				12.2.1.4.0 Search vendor "Oracle" for product "Http Server" and version "12.2.1.4.0"		-		Affected
Oracle Search vendor "Oracle"		Zfs Storage Appliance Kit Search vendor "Oracle" for product "Zfs Storage Appliance Kit"				8.8 Search vendor "Oracle" for product "Zfs Storage Appliance Kit" and version "8.8"		-		Affected
Siemens Search vendor "Siemens"		Sinumerik Edge Search vendor "Siemens" for product "Sinumerik Edge"				< 3.3.0 Search vendor "Siemens" for product "Sinumerik Edge" and version " < 3.3.0"		-		Affected
Starwindsoftware Search vendor "Starwindsoftware"		Command Center Search vendor "Starwindsoftware" for product "Command Center"				1.0 Search vendor "Starwindsoftware" for product "Command Center" and version "1.0"		update3_build5871		Affected
Starwindsoftware Search vendor "Starwindsoftware"		Starwind Hyperconverged Appliance Search vendor "Starwindsoftware" for product "Starwind Hyperconverged Appliance"				-		-		Affected
Starwindsoftware Search vendor "Starwindsoftware"		Starwind Virtual San Search vendor "Starwindsoftware" for product "Starwind Virtual San"				v8 Search vendor "Starwindsoftware" for product "Starwind Virtual San" and version "v8"		build14338		Affected