HIGH✓ PATCH🇬🇧 English

CVE-2021-36320

CVSS 7.5v3.1pub. 2021-11-20upd. 2024-11-21

Dell Networking X-Series firmware versions prior to 3.0.1.8 contain an authentication bypass vulnerability. A remote unauthenticated attacker may potentially hijack a session and access the webserver by forging the session ID.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Dell X1008

    HW
    Dell
    wszystkie wersje
  • Dell X1008 Firmware

    OS
    Dell
    < 3.0.1.8
  • Dell X1008p

    HW
    Dell
    wszystkie wersje
  • Dell X1008p Firmware

    OS
    Dell
    < 3.0.1.8
  • Dell X1018

    HW
    Dell
    wszystkie wersje
  • Dell X1018 Firmware

    OS
    Dell
    < 3.0.1.8
  • Dell X1018p

    HW
    Dell
    wszystkie wersje
  • Dell X1018p Firmware

    OS
    Dell
    < 3.0.1.8
  • Dell X1026

    HW
    Dell
    wszystkie wersje
  • Dell X1026 Firmware

    OS
    Dell
    < 3.0.1.8
  • Dell X1026p

    HW
    Dell
    wszystkie wersje
  • Dell X1026p Firmware

    OS
    Dell
    < 3.0.1.8
  • Dell X1052

    HW
    Dell
    wszystkie wersje
  • Dell X1052 Firmware

    OS
    Dell
    < 3.0.1.8
  • Dell X1052p

    HW
    Dell
    wszystkie wersje
  • Dell X1052p Firmware

    OS
    Dell
    < 3.0.1.8
  • Dell X4012

    HW
    Dell
    wszystkie wersje
  • Dell X4012 Firmware

    OS
    Dell
    < 3.0.1.8
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
Auth Bypass
CWE
Referencje

Powiązane podatności

CVE-2021-36321HIGH7.5ten sam produkt

Dell Networking X-Series firmware versions prior to 3.0.1.8 contain an improper input validation vulnerability...

CVE-2021-21507HIGH8.8ten sam produkt

Dell EMC Networking X-Series firmware versions prior to 3.0.1.8 and Dell EMC PowerEdge VRTX Switch Module firm...

CVE-2020-5330HIGH8.1ten sam produkt

Dell EMC Networking X-Series firmware versions 3.0.1.2 and older, Dell EMC Networking PC5500 firmware versions...

CVE-2021-36322MEDIUM6.1ten sam produkt

Dell Networking X-Series firmware versions prior to 3.0.1.8 contain a host header injection vulnerability. A r...

CVE-2026-22769CRITICAL10.0⚠ KEVPL ✓ten sam vendor

Dell RecoverPoint for VMs — zahardkodowane dane uwierzytelniające (RCE, root)