Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.9
CVSSv2

CVE-2021-2124

Published: 20/01/2021 Updated: 27/01/2021
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 6 | Impact Score: 4 | Exploitability Score: 1.5
VMScore: 436
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Subscribe to Vm Virtualbox

Vulnerability Summary

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is before 6.1.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 6.0 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H).

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

oracle vm virtualbox

Vendor Advisories

Arch Linux Issues:
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core) The supported version that is affected is Prior to 6118 Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox While the vulnerability is ...

Github Repositories

https://github.com/jidoc01/jidoc-writeups

Jidoc Write-ups You can dance, you can jive Findings ID Name Credit CVE-2021-2124 Oracle VirtualBox Divide By Zero Denial-of-Service JungHyun Kim of VirtualBoBs ZDI-CAN-12407 Oracle VirtualBox (Not Revealed Yet) JungHyun Kim of VirtualBoBs ZDI-CAN-12621 Oracle VirtualBox (Not Revealed Yet) JungHyun Kim of VirtualBoBs NBB-1681 Naver Path Traversal File Download Jun

References

NVD-CWE-noinfohttps://security.gentoo.org/glsa/202101-15https://www.oracle.com/security-alerts/cpujan2021.htmlhttps://nvd.nist.govhttps://github.com/jidoc01/jidoc-writeupshttps://security.archlinux.org/CVE-2021-2124
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgeryCVE-2024-34351CVE-2024-1076CVE-2024-25522CVE-2024-34547CVE-2024-4644unauthorizedremoteCVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook