How severe is CVE-2021-39022?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.2 out of 10.

What type of vulnerability is CVE-2021-39022?

This is classified as CWE-1236, which is a common weakness in software security.

CVE-2021-39022

MEDIUM Year: 2021

CVSS v3 Score

6.2

Medium

CVSS v2 Score

6.8

Medium

Weakness Type

CWE-1236

View all →

Vulnerability Description

IBM Guardium Data Encryption (GDE) 4.0.0.0 and 5.0.0.0 saves user-provided information into a Comma-Separated Value (CSV) file, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as a command when the file is opened by spreadsheet software. IBM X-Force ID: 213858.

CVE-2018-12244

MEDIUM

CVSS:6.3(Medium)

SEP (Mac client) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection (also known as formula injection) vulnerability, which is a type of issue whereby a...

CWE-12362018

CVE-2020-10780

MEDIUM

CVSS:6.3(Medium)

Red Hat CloudForms 4.7 and 5 is affected by CSV Injection flaw, a crafted payload stays dormant till a victim export as CSV and opens the file with Excel. Once the victim opens the file, the formula e...

CWE-12362020

CVE-2021-24016

MEDIUM

CVSS:6.3(Medium)

An improper neutralization of formula elements in a csv file in Fortinet FortiManager version 6.4.3 and below, 6.2.7 and below allows attacker to execute arbitrary commands via crafted IPv4 field in p...

CWE-12362021

CVE-2022-37786

MEDIUM

CVSS:6.3(Medium)

An issue was discovered in WeCube Platform 3.2.2. There are multiple CSV injection issues: the [Home / Admin / Resources] page, the [Home / Admin / System Params] page, and the [Home / Design / Baseke...

CWE-12362022