CVE-2021-42371
CRITICALXoruX LPAR2RRD & STOR2RRD <7.30 - Info Disclosure
Title source: llmDescription
lpar2rrd is a hardcoded system account in XoruX LPAR2RRD and STOR2RRD before 7.30.
References (3)
Core 3
Core References
Release Notes, Vendor Advisory x_refsource_confirm
https://stor2rrd.com/note730.php
Release Notes, Vendor Advisory x_refsource_confirm
https://lpar2rrd.com/note730.php
Third Party Advisory x_refsource_misc
https://github.com/orangecertcc/security-research/security/advisories/GHSA-p2fq-9h5j-x6w5
Scores
CVSS v3
9.8
EPSS
0.0151
EPSS Percentile
71.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-922
Status
published
Products (2)
xorux/lpar2rrd
< 7.30
xorux/stor2rrd
< 7.30
Published
Nov 08, 2021
Tracked Since
Feb 18, 2026