How severe is CVE-2021-29218?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.7 out of 10.

What type of vulnerability is CVE-2021-29218?

This is classified as CWE-428, which is a common weakness in software security.

CVE-2021-29218

MEDIUM Year: 2021

CVSS v3 Score

6.7

Medium

CVSS v2 Score

4.6

Medium

Weakness Type

CWE-428

View all →

Vulnerability Description

A local unquoted search path security vulnerability has been identified in HPE Agentless Management Service for Windows version(s): Prior to 1.44.0.0, 10.96.0.0. This vulnerability could be exploited locally by a user with high privileges to execute malware that may lead to a loss of confidentiality, integrity, and availability. HPE has provided software updates to resolve the vulnerability in HPE Agentless Management Service for Windows.

CVE-2017-14019

MEDIUM

CVSS:6.7(Medium)

An Unquoted Search Path or Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An unquoted search path or element vulnerability has been identified, which may allow an authoriz...

CWE-4282017

CVE-2017-5873

MEDIUM

CVSS:6.7(Medium)

Unquoted Windows search path vulnerability in the guest service in Unisys s-Par before 4.4.20 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory, a...

CWE-4282017

CVE-2018-14789

MEDIUM

CVSS:6.7(Medium)

In Philips' IntelliSpace Cardiovascular (ISCV) products (ISCV Version 3.1 or prior and Xcelera Version 4.1 or prior), an unquoted search path or element vulnerability has been identified, which may al...

CWE-4282018

CVE-2019-11093

MEDIUM

CVSS:6.7(Medium)

Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local acc...

CWE-4282019

CVE-2019-6145

MEDIUM

CVSS:6.7(Medium)

Forcepoint VPN Client for Windows versions lower than 6.6.1 have an unquoted search path vulnerability. This enables local privilege escalation to SYSTEM user. By default, only local administrators ca...

CWE-4282019

CVE-2019-6149

MEDIUM

CVSS:6.7(Medium)

An unquoted search path vulnerability was identified in Lenovo Dynamic Power Reduction Utility prior to version 2.2.2.0 that could allow a malicious user with local access to execute code with adminis...

CWE-4282019

CVE-2021-29218

Vulnerability Description

Related Vulnerabilities

CVE-2017-14019

CVE-2017-5873

CVE-2018-14789

CVE-2019-11093

CVE-2019-6145

CVE-2019-6149