How severe is CVE-2021-28249?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.8 out of 10.

What type of vulnerability is CVE-2021-28249?

This is classified as CWE-426, which is a common weakness in software security.

CVE-2021-28249 - HIGH Severity | CVSS 8.8

Vulnerability Description

CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. To exploit the vulnerability, the ehealth user must create a malicious library in the writable RPATH, to be dynamically linked when the FtpCollector executable is run. The code in the library will be executed as the root user. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Related Vulnerabilities

CVE-2016-1417

HIGH

CVSS:8.8(High)

Untrusted search path vulnerability in Snort 2.9.7.0-WIN32 allows remote attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse tcapi.dll that is located in the same ...

CWE-4262016

CVE-2017-2149

HIGH

CVSS:8.8(High)

Untrusted search path vulnerability in installers of the software for SDHC/SDXC Memory Card with embedded NFC functionality Software Update Tool V1.00.03 and earlier, SDHC Memory Card with embedded wi...

CWE-4262017

CVE-2017-2177

HIGH

CVSS:8.8(High)

Untrusted search path vulnerability in Installer of Shogyo Touki Denshi Ninsho Software Ver 1.7 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

CWE-4262017

CVE-2017-2178

HIGH

CVSS:8.8(High)

Untrusted search path vulnerability in Installer of electronic tendering and bid opening system available prior to May 25, 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspe...

CWE-4262017

CVE-2017-2206

HIGH

CVSS:8.8(High)

Untrusted search path vulnerability in the installer of SaAT Netizen ver.1.2.10.510 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

CWE-4262017

CVE-2017-2207

HIGH

CVSS:8.8(High)

Untrusted search path vulnerability in the installer of SaAT Personal ver.1.0.10.272 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

CWE-4262017