U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2021-37852

Change History

Initial Analysis 2/11/2022 2:35:31 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:eset:endpoint_antivirus:*:*:*:*:*:windows:*:* versions from (including) 6.6.2046.0 up to (excluding) 7.3.2055.0
     *cpe:2.3:a:eset:endpoint_antivirus:*:*:*:*:*:windows:*:* versions from (including) 8.0 up to (excluding) 8.0.2028.3
     *cpe:2.3:a:eset:endpoint_antivirus:*:*:*:*:*:windows:*:* versions from (including) 8.1 up to (excluding) 8.1.2031.4
     *cpe:2.3:a:eset:endpoint_antivirus:*:*:*:*:*:windows:*:* versions from (including) 9.0 up to (excluding) 9.0.2032.6
     *cpe:2.3:a:eset:endpoint_security:*:*:*:*:*:windows:*:* versions from (including) 6.6.2046.0 up to (excluding) 7.3.2055.0
     *cpe:2.3:a:eset:endpoint_security:*:*:*:*:*:windows:*:* versions from (including) 8.0 up to (excluding) 8.0.2028.3
     *cpe:2.3:a:eset:endpoint_security:*:*:*:*:*:windows:*:* versions from (including) 8.1 up to (excluding) 8.1.2031.4
     *cpe:2.3:a:eset:endpoint_security:*:*:*:*:*:windows:*:* versions from (including) 9.0 up to (excluding) 9.0.2032.6
     *cpe:2.3:a:eset:file_security:*:*:*:*:*:windows_server:*:* versions from (including) 7.0.12014.0 up to (including) 7.3.12006.0
     *cpe:2.3:a:eset:internet_security:*:*:*:*:*:windows:*:* versions from (including) 10.0.337.1 up to (excluding) 15.0.18.0
     *cpe:2.3:a:eset:mail_security:*:*:*:*:*:exchange_server:*:* versions from (including) 7.0.10019 up to (excluding) 7.3.10014.0
     *cpe:2.3:a:eset:mail_security:*:*:*:*:*:domino:*:* versions from (including) 7.0.14008.0 up to (excluding) 7.3.14003.0
     *cpe:2.3:a:eset:mail_security:*:*:*:*:*:domino:*:* versions from (including) 8.0 up to (excluding) 8.0.14006.0
     *cpe:2.3:a:eset:mail_security:*:*:*:*:*:exchange_server:*:* versions from (including) 8.0.10012.0 up to (excluding) 8.0.10018.0
     *cpe:2.3:a:eset:nod32_antivirus:*:*:*:*:*:windows:*:* versions from (including) 10.0.337.1 up to (including) 15.0.18.0
     *cpe:2.3:a:eset:security:*:*:*:*:*:sharepoint:*:* versions from (including) 7.0.15008.0 up to (including) 8.0.15004.0
     *cpe:2.3:a:eset:server_security:*:*:*:*:azure:*:*:* versions from (including) 7.0.12016.1002 up to (including) 7.2.12004.1000
     *cpe:2.3:a:eset:server_security:8.0.12003.0:*:*:*:*:windows_server:*:*
     *cpe:2.3:a:eset:server_security:8.0.12003.1:*:*:*:*:windows_server:*:*
     *cpe:2.3:a:eset:smart_security:*:*:*:*:-:windows:*:* versions from (including) 10.0.337.1 up to (including) 15.0.18.0
     *cpe:2.3:a:eset:smart_security:*:*:*:*:premium:windows:*:* versions from (including) 10.0.337.1 up to (including) 15.0.18.0
Added CVSS V2

								
							
							
						
NIST (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Added CVSS V3.1

								
							
							
						
NIST AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Added CWE

								
							
							
						
NIST CWE-863
Changed Reference Type
https://support.eset.com/en/ca8223-local-privilege-escalation-vulnerability-fixed-in-eset-products-for-windows No Types Assigned
https://support.eset.com/en/ca8223-local-privilege-escalation-vulnerability-fixed-in-eset-products-for-windows Vendor Advisory
Changed Reference Type
https://www.zerodayinitiative.com/advisories/ZDI-22-148/ No Types Assigned
https://www.zerodayinitiative.com/advisories/ZDI-22-148/ Third Party Advisory, VDB Entry