U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2021-3712

Change History

Initial Analysis by NIST 8/31/2021 12:48:54 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:clustered_data_ontap_antivirus_connector:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:* versions from (including) 11.0 up to (including) 11.50.2
     *cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:manageability_software_development_kit:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:santricity_smi-s_provider:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:storage_encryption:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* versions from (including) 1.0.2 up to (excluding) 1.0.2za
     *cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* versions from (including) 1.1.1 up to (excluding) 1.1.1l
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
     *cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
Added CVSS V2

								
							
							
						
NIST (AV:N/AC:M/Au:N/C:P/I:N/A:P)
Added CVSS V3.1

								
							
							
						
NIST AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
Added CWE

								
							
							
						
NIST CWE-125
Changed Reference Type
http://www.openwall.com/lists/oss-security/2021/08/26/2 No Types Assigned
http://www.openwall.com/lists/oss-security/2021/08/26/2 Mailing List, Third Party Advisory
Changed Reference Type
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11 No Types Assigned
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11 Mailing List, Patch, Vendor Advisory
Changed Reference Type
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12 No Types Assigned
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12 Mailing List, Patch, Vendor Advisory
Changed Reference Type
https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E No Types Assigned
https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E Mailing List, Third Party Advisory
Changed Reference Type
https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E No Types Assigned
https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E Mailing List, Third Party Advisory
Changed Reference Type
https://security.netapp.com/advisory/ntap-20210827-0010/ No Types Assigned
https://security.netapp.com/advisory/ntap-20210827-0010/ Third Party Advisory
Changed Reference Type
https://www.debian.org/security/2021/dsa-4963 No Types Assigned
https://www.debian.org/security/2021/dsa-4963 Third Party Advisory
Changed Reference Type
https://www.openssl.org/news/secadv/20210824.txt No Types Assigned
https://www.openssl.org/news/secadv/20210824.txt Vendor Advisory