This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject

The Community is now in read-only mode to prepare for the launch of the new Flexera Community. During this time, you will be unable to register, log in, or access customer resources. Click here for more information.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Need clarification on severity rating for SA103136

jess_saini
By
Level 2

SA103136 - This is coming across as low in Flexera database, however the CVE's have a score of High

CVE-2021-21995 - CVSS v3 score is 7.5

CVE-2021-21994 - CVSS v3 score is 9.8

 

Can someone please help clarify on the severity rating for this advisory?

‎Jul 23, 2021 09:54 AM

0 Kudos
(2) Replies

ChrisG
By Level 20 Flexeran
Level 20 Flexeran
As general comment, Secunia Research typically makes its ratings based on active consideration of more vulnerability exploitation metrics compared to NVD or other public vendors. When the product usage context analysis is applied, the CVSS scoring in SVM might differ from the public one.
 
For details on how scoring has been applied for specific CVEs, you may wish open a case with Flexera Support who can connect you with the Secunia Research team.
(Did my reply solve the question? Click "ACCEPT AS SOLUTION" to help others find answers faster. Liked something? Click "KUDO". Anything expressed here is my own view and not necessarily that of my employer, Flexera.)

‎Jul 27, 2021 06:07 PM

0 Kudos

jess_saini
By
Level 2
In response to ChrisG

Thanks, got the clarification from Flexera.

‎Aug 06, 2021 03:58 AM

0 Kudos
Top Kudoed Authors
View all