MEDIUM✓ PATCH🇬🇧 English

CVE-2021-36327

CVSS 5.3v3.1pub. 2021-11-30upd. 2024-11-21

Dell EMC Streaming Data Platform versions before 1.3 contain a Server Side Request Forgery Vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to perform port scanning of internal networks and make HTTP requests to an arbitrary domain of the attacker's choice.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
  • Dell Emc Streaming Data Platform

    APP
    Dell
    < 1.3
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
Auth Bypass
CWE
Referencje

Powiązane podatności

CVE-2021-36328HIGH8.8ten sam produkt

Dell EMC Streaming Data Platform versions before 1.3 contain a SQL Injection Vulnerability. A remote malicious...

CVE-2021-36330HIGH8.1ten sam produkt

Dell EMC Streaming Data Platform versions before 1.3 contain an Insufficient Session Expiration Vulnerability....

CVE-2021-36326MEDIUM6.5ten sam produkt

Dell EMC Streaming Data Platform, versions prior to 1.3 contain an SSL Strip Vulnerability in the User Interfa...

CVE-2021-36329MEDIUM6.5ten sam produkt

Dell EMC Streaming Data Platform versions before 1.3 contain an Indirect Object Reference Vulnerability. A rem...

CVE-2026-22769CRITICAL10.0⚠ KEVPL ✓ten sam vendor

Dell RecoverPoint for VMs — zahardkodowane dane uwierzytelniające (RCE, root)