CVE-2021-3522
MediumUpdated
Published: 02 June 2021
Published
02 June 2021
Modified
28 May 2026
KEV Added
—
Patch
—
CVSS Score v3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Score
0.0013
32.0th percentile
Risk Priority
11
60% EPSS · 20% KEV · 20% CVSS
Summary
CVE-2021-3522 is a medium-severity Out-of-bounds Read (CWE-125) vulnerability in Netapp Active Iq Unified Manager. Its CVSS base score is 5.5 (Medium).
Operationally, ranked at the 32.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2021-26838
Vulnerability details
GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
gstreamer
gstreamer
≤ 1.18.4
netapp
active iq unified manager
all versions
netapp
e-series santricity os controller
11.0.0 — 11.70.1
netapp
e-series santricity storage manager
all versions
netapp
e-series santricity web services
all versions
netapp
hci management node
all versions
netapp
oncommand insight
all versions
netapp
oncommand workflow automation
all versions
netapp
santricity unified manager
all versions
netapp
snapmanager
all versions
+2 more product configuration(s) — see NVD for full list
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.