Cyber Resilience

CVE-2021-3522

MediumUpdated

Published: 02 June 2021

Published
02 June 2021
Modified
28 May 2026
KEV Added
Patch
CVSS Score v3.1 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Score 0.0013 32.0th percentile
Risk Priority 11 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2021-3522 is a medium-severity Out-of-bounds Read (CWE-125) vulnerability in Netapp Active Iq Unified Manager. Its CVSS base score is 5.5 (Medium).

Operationally, ranked at the 32.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

gstreamer
gstreamer
≤ 1.18.4
netapp
active iq unified manager
all versions
netapp
e-series santricity os controller
11.0.0 — 11.70.1
netapp
e-series santricity storage manager
all versions
netapp
e-series santricity web services
all versions
netapp
hci management node
all versions
netapp
oncommand insight
all versions
netapp
oncommand workflow automation
all versions
netapp
santricity unified manager
all versions
netapp
snapmanager
all versions
+2 more product configuration(s) — see NVD for full list

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References