Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2021-26349

Failure to assign a new report ID to an imported guest may potentially result in an SEV-SNP guest VM being tricked into trusting a dishonest Migration Agent (MA).

  • Published: May 11, 2022
  • Updated: Apr 14, 2023
  • CVE: CVE-2021-26349
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.5
  • AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CVSS v2:

  • Severity: Low
  • Score: 2.1
  • AV:L/AC:L/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Software From Fixed in
amd / epyc_7763_firmware - milanpi-sp3_1.0.0.7
amd / epyc_7713p_firmware - milanpi-sp3_1.0.0.7
amd / epyc_7713_firmware - milanpi-sp3_1.0.0.7
amd / epyc_7663_firmware - milanpi-sp3_1.0.0.7
amd / epyc_7643_firmware - milanpi-sp3_1.0.0.7
amd / epyc_75f3_firmware - milanpi-sp3_1.0.0.7
amd / epyc_7543p_firmware - milanpi-sp3_1.0.0.7
amd / epyc_7543_firmware - milanpi-sp3_1.0.0.7
amd / epyc_7513_firmware - milanpi-sp3_1.0.0.7
amd / epyc_7453_firmware - milanpi-sp3_1.0.0.7
amd / epyc_74f3_firmware - milanpi-sp3_1.0.0.7
amd / epyc_7443p_firmware - milanpi-sp3_1.0.0.7
amd / epyc_7443_firmware - milanpi-sp3_1.0.0.7
amd / epyc_7413_firmware - milanpi-sp3_1.0.0.7
amd / epyc_73f3_firmware - milanpi-sp3_1.0.0.7
amd / epyc_7343_firmware - milanpi-sp3_1.0.0.7
amd / epyc_7313p_firmware - milanpi-sp3_1.0.0.7
amd / epyc_7313_firmware - milanpi-sp3_1.0.0.7
amd / epyc_72f3_firmware - milanpi-sp3_1.0.0.7
amd / epyc_7773x_firmware - milanpi-sp3_1.0.0.7
amd / epyc_7473x_firmware - milanpi-sp3_1.0.0.7
amd / epyc_7573x_firmware - milanpi-sp3_1.0.0.7
amd / epyc_7373x_firmware - milanpi-sp3_1.0.0.7