How severe is CVE-2021-43393?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.2 out of 10.

What type of vulnerability is CVE-2021-43393?

This is classified as CWE-347, which is a common weakness in software security.

CVE-2021-43393

MEDIUM Year: 2021

CVSS v3 Score

6.2

Medium

CVSS v2 Score

1.9

Low

Weakness Type

CWE-347

View all →

Vulnerability Description

STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to abuse signature verification. This is associated with the ECDSA signature algorithm on the Java Card J-SAFE3 and STSAFE-J platforms exposing a 3.0.4 Java Card API. It is exploitable for STSAFE-J in closed configuration and J-SIGN (when signature verification is activated) but not for J-SAFE3 EPASS BAC and EAC products. It might also impact other products based on the J-SAFE-3 Java Card platform.

CVE-2019-1736

MEDIUM

CVSS:6.2(Medium)

A vulnerability in the firmware of the Cisco UCS C-Series Rack Servers could allow an authenticated, physical attacker to bypass Unified Extensible Firmware Interface (UEFI) Secure Boot validation che...

CWE-3472019

CVE-2021-43392

MEDIUM

CVSS:6.2(Medium)

STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to obtain information on cryptographic secrets. This is associated with the ECDSA signature algorithm on the Java...

CWE-3472021

CVE-2022-31807

HIGH

CVSS:6.2(Medium)

A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions), SiPass integrated ACC-AP (All versions). Affected devices do not properly check the integrity of firmware updat...

CWE-3472022

CVE-2024-2307

MEDIUM

CVSS:6.1(Medium)

A flaw was found in osbuild-composer. A condition can be triggered that disables GPG verification for package repositories, which can expose the build phase to a Man-in-the-Middle attack, allowing unt...

CWE-3472024

CVE-2018-18203

MEDIUM

CVSS:6.4(Medium)

A vulnerability in the update mechanism of Subaru StarLink Harman head units 2017, 2018, and 2019 may give an attacker (with physical access to the vehicle's USB ports) the ability to rewrite the firm...

CWE-3472018

CVE-2019-1809

MEDIUM

CVSS:6.4(Medium)

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software pa...

CWE-3472019

CVE-2021-43393

Vulnerability Description

Related Vulnerabilities

CVE-2019-1736

CVE-2021-43392

CVE-2022-31807

CVE-2024-2307

CVE-2018-18203

CVE-2019-1809