Details of VAR-202211-0596

ID

VAR-202211-0596

CVE

CVE-2021-26251

TITLE

Intel's Intel OpenVINO Input verification vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2021-020535

DESCRIPTION

Improper input validation in the Intel(R) Distribution of OpenVINO(TM) Toolkit may allow an authenticated user to potentially enable denial of service via network access. Intel's Intel OpenVINO There is an input validation vulnerability in.Service operation interruption (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2021-26251 // JVNDB: JVNDB-2021-020535 // VULHUB: VHN-407673

AFFECTED PRODUCTS

vendor:	intel	model:	openvino	scope:	lt	version:	2021.4.2	Trust: 1.0
vendor:	インテル	model:	intel openvino	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	intel openvino	scope:	eq	version:	2021.4.2	Trust: 0.8
vendor:	インテル	model:	intel openvino	scope:	eq	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-020535 // NVD: CVE-2021-26251

CVSS

SEVERITY

CVSSV2

CVSSV3

secure@intel.com:	CVE-2021-26251
value:	MEDIUM
Trust: 1.0
nvd@nist.gov:	CVE-2021-26251
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2021-26251
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202211-2633
value:	MEDIUM
Trust: 0.6

secure@intel.com:	CVE-2021-26251
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	1.6
impactScore:	3.6
version:	3.1
Trust: 1.0
nvd@nist.gov:	CVE-2021-26251
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2021-26251
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2021-020535 // CNNVD: CNNVD-202211-2633 // NVD: CVE-2021-26251 // NVD: CVE-2021-26251

PROBLEMTYPE DATA

problemtype:	CWE-20	Trust: 1.1
problemtype:	Inappropriate input confirmation (CWE-20) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-407673 // JVNDB: JVNDB-2021-020535 // NVD: CVE-2021-26251

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202211-2633

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202211-2633

PATCH

title:

Intel Distribution of OpenVINO(TM) Toolkit Enter the fix for the verification error vulnerability

url:

http://123.124.177.30/web/xxk/bdxqById.tag?id=214677

Trust: 0.6

sources: CNNVD: CNNVD-202211-2633

EXTERNAL IDS

db:	NVD	id:	CVE-2021-26251	Trust: 3.3
db:	JVN	id:	JVNVU94499505	Trust: 0.8
db:	JVNDB	id:	JVNDB-2021-020535	Trust: 0.8
db:	AUSCERT	id:	ESB-2022.5832	Trust: 0.6
db:	CNNVD	id:	CNNVD-202211-2633	Trust: 0.6
db:	VULHUB	id:	VHN-407673	Trust: 0.1

sources: VULHUB: VHN-407673 // JVNDB: JVNDB-2021-020535 // CNNVD: CNNVD-202211-2633 // NVD: CVE-2021-26251

REFERENCES

url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00642.html	Trust: 2.5
url:	https://jvn.jp/vu/jvnvu94499505/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2021-26251	Trust: 0.8
url:	https://www.auscert.org.au/bulletins/esb-2022.5832	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2021-26251/	Trust: 0.6

sources: VULHUB: VHN-407673 // JVNDB: JVNDB-2021-020535 // CNNVD: CNNVD-202211-2633 // NVD: CVE-2021-26251

SOURCES

db:	VULHUB	id:	VHN-407673
db:	JVNDB	id:	JVNDB-2021-020535
db:	CNNVD	id:	CNNVD-202211-2633
db:	NVD	id:	CVE-2021-26251

LAST UPDATE DATE

2025-02-06T21:56:32.071000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-407673	date:	2022-11-17T00:00:00
db:	JVNDB	id:	JVNDB-2021-020535	date:	2023-11-07T08:19:00
db:	CNNVD	id:	CNNVD-202211-2633	date:	2022-11-18T00:00:00
db:	NVD	id:	CVE-2021-26251	date:	2025-02-05T21:15:13.517

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-407673	date:	2022-11-11T00:00:00
db:	JVNDB	id:	JVNDB-2021-020535	date:	2023-11-07T00:00:00
db:	CNNVD	id:	CNNVD-202211-2633	date:	2022-11-11T00:00:00
db:	NVD	id:	CVE-2021-26251	date:	2022-11-11T16:15:10.840