NVD CNA Status

CVSS v3.1 Statistics for openEuler as of 01/27/2024

Total Number CVEs Submitted

Number of Metrics Compared

Acceptance Level Thresholds

Total Number CVEs Reviewed

Analyst Match Count

Reference

0-69.9%

Acceptance Level

Reference

Match Percent

73.4

Contributor

70-94.9%

Provider

95-100%

CVE	CNA Value	Alignment	NIST Value	Reason
CVE-2021-33630 (8 of 8)	Attack Vector (AV) Local		Attack Vector (AV) Local
	Attack Complexity (AC) Low		Attack Complexity (AC) Low
	Privileges Required (PR) Low		Privileges Required (PR) Low
	User Interaction (UI) None		User Interaction (UI) None
	Scope (S) Unchanged		Scope (S) Unchanged
	Confidentiality (C) None		Confidentiality (C) None
	Integrity (I) None		Integrity (I) None
	Availability (A) High		Availability (A) High
CVE-2021-33631 (6 of 8)	Attack Vector (AV) Local		Attack Vector (AV) Local
	Attack Complexity (AC) Low		Attack Complexity (AC) Low
	Privileges Required (PR) Low		Privileges Required (PR) Low
	User Interaction (UI) None		User Interaction (UI) None
	Scope (S) Unchanged		Scope (S) Unchanged
	Confidentiality (C) None	≠	Confidentiality (C) High	No limiting factors for confidentiality listed
	Integrity (I) None	≠	Integrity (I) High	No limiting factors for integrity listed
	Availability (A) High		Availability (A) High
CVE-2021-33634 (7 of 8)	Attack Vector (AV) Local		Attack Vector (AV) Local
	Attack Complexity (AC) Low		Attack Complexity (AC) Low
	Privileges Required (PR) None		Privileges Required (PR) None
	User Interaction (UI) Required		User Interaction (UI) Required
	Scope (S) Changed	≠	Scope (S) Unchanged	Unclear if Scope change occurs. No identification of security boundaries being crossed.
	Confidentiality (C) None		Confidentiality (C) None
	Integrity (I) None		Integrity (I) None
	Availability (A) High		Availability (A) High
CVE-2021-33635 (6 of 8)	Attack Vector (AV) Network	≠	Attack Vector (AV) Local	AV:L due to file parsed local to vulnerable component
	Attack Complexity (AC) Low		Attack Complexity (AC) Low
	Privileges Required (PR) None		Privileges Required (PR) None
	User Interaction (UI) None	≠	User Interaction (UI) Required	Internet browsing, Link clicking and/or file interaction identified
	Scope (S) Unchanged		Scope (S) Unchanged
	Confidentiality (C) High		Confidentiality (C) High
	Integrity (I) High		Integrity (I) High
	Availability (A) High		Availability (A) High
CVE-2021-33636 (7 of 8)	Attack Vector (AV) Local		Attack Vector (AV) Local
	Attack Complexity (AC) Low		Attack Complexity (AC) Low
	Privileges Required (PR) None		Privileges Required (PR) None
	User Interaction (UI) None	≠	User Interaction (UI) Required	Internet browsing, Link clicking and/or file interaction identified
	Scope (S) Unchanged		Scope (S) Unchanged
	Confidentiality (C) High		Confidentiality (C) High
	Integrity (I) High		Integrity (I) High
	Availability (A) High		Availability (A) High
CVE-2021-33637 (4 of 8)	Attack Vector (AV) Local		Attack Vector (AV) Local
	Attack Complexity (AC) Low		Attack Complexity (AC) Low
	Privileges Required (PR) None	≠	Privileges Required (PR) Low	Local attacker typically implies some privilege level needed
	User Interaction (UI) None		User Interaction (UI) None
	Scope (S) Unchanged	≠	Scope (S) Changed	Security boundary cross identified
	Confidentiality (C) High	≠	Confidentiality (C) None	No confidentiality impacts identified
	Integrity (I) High		Integrity (I) High
	Availability (A) High	≠	Availability (A) None	No availability impacts identified
CVE-2021-33638 (4 of 8)	Attack Vector (AV) Local		Attack Vector (AV) Local
	Attack Complexity (AC) Low		Attack Complexity (AC) Low
	Privileges Required (PR) None	≠	Privileges Required (PR) Low	Local attacker typically implies some privilege level needed
	User Interaction (UI) None		User Interaction (UI) None
	Scope (S) Unchanged	≠	Scope (S) Changed	Security boundary cross identified
	Confidentiality (C) High	≠	Confidentiality (C) None	No confidentiality impacts identified
	Integrity (I) High		Integrity (I) High
	Availability (A) High	≠	Availability (A) None	No availability impacts identified
CVE-2021-33640 (5 of 8)	Attack Vector (AV) Local	≠	Attack Vector (AV) Network	Applied AV:N due to lack of available Information for NVD Analyst
	Attack Complexity (AC) Low		Attack Complexity (AC) Low
	Privileges Required (PR) None		Privileges Required (PR) None
	User Interaction (UI) None		User Interaction (UI) None
	Scope (S) Unchanged		Scope (S) Unchanged
	Confidentiality (C) None	≠	Confidentiality (C) High	No limiting factors for confidentiality listed
	Integrity (I) None	≠	Integrity (I) High	No limiting factors for integrity listed
	Availability (A) High		Availability (A) High

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database

NVD

CVSS v3.1 Statistics for openEuler as of 01/27/2024