mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
428 lines
12 KiB
JSON
428 lines
12 KiB
JSON
{
|
|
"id": "CVE-2021-21507",
|
|
"sourceIdentifier": "security_alert@emc.com",
|
|
"published": "2021-04-30T21:15:08.597",
|
|
"lastModified": "2021-05-10T19:54:30.157",
|
|
"vulnStatus": "Analyzed",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Dell EMC Networking X-Series firmware versions prior to 3.0.1.8 and Dell EMC PowerEdge VRTX Switch Module firmware versions prior to 2.0.0.82 contain a Weak Password Encryption Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable system with privileges of the compromised account."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Dell EMC Networking X-Series versiones anteriores a 3.0.1.8 y Dell EMC PowerEdge VRTX Module, versiones de firrmware anteriores a 2.0.0.82, contienen una vulnerabilidad de Cifrado de Contrase\u00f1a D\u00e9bil. Un atacante remoto no autenticado podr\u00eda explotar potencialmente esta vulnerabilidad, conllevando a una divulgaci\u00f3n de determinadas credenciales de usuario. El atacante puede usar las credenciales expuestas para acceder al sistema vulnerable con privilegios de la cuenta comprometida."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 9.8,
|
|
"baseSeverity": "CRITICAL"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 5.9
|
|
},
|
|
{
|
|
"source": "security_alert@emc.com",
|
|
"type": "Secondary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
|
"attackVector": "ADJACENT_NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 8.8,
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
"exploitabilityScore": 2.8,
|
|
"impactScore": 5.9
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 5.0
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-326"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"source": "security_alert@emc.com",
|
|
"type": "Secondary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-261"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:dell:x1008p_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "3.0.1.8",
|
|
"matchCriteriaId": "797B281A-1F97-45EA-B63B-310C631E5300"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:dell:x1008p:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D29913E0-EB40-4088-845E-478859BE9AA6"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:dell:x1018p_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "3.0.1.8",
|
|
"matchCriteriaId": "CDA3F68D-0C01-4235-8A6C-317D7FAF4EC4"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:dell:x1018p:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B86EE4BF-6DA7-4F74-9116-FCC93A5D0C8B"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:dell:x1026p_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "3.0.1.8",
|
|
"matchCriteriaId": "DE3522DC-9259-4B4B-BD11-B6106C5F4C8E"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:dell:x1026p:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "470280E0-8C95-40E1-B523-F6D8A998FDA2"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:dell:x1052p_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "3.0.1.8",
|
|
"matchCriteriaId": "A657AA7A-4462-4AEF-A377-57B99066B142"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:dell:x1052p:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1BCA777B-BA3F-4585-8F42-D3EF3F3E805D"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:dell:x4012_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "3.0.1.8",
|
|
"matchCriteriaId": "0013FB8E-D762-4D5A-929E-C4FF1064A122"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:dell:x4012:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "44113AAD-07FF-45DB-BDCF-A21BF483E286"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:dell:r1-2401_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "2.0.0.82",
|
|
"matchCriteriaId": "D5F70190-8D9F-4A81-AF65-0559346960AA"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:dell:r1-2401:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0D1BA0CC-6EC3-4B4D-BC40-EAF3B1CD54C3"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:dell:r1-2210_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "2.0.0.82",
|
|
"matchCriteriaId": "1CC4E63C-90E4-4606-9953-7FB8242E83E4"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:dell:r1-2210:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C987205B-1645-41F7-8F0C-10ADF28B6106"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:dell:x1008_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "3.0.1.8",
|
|
"matchCriteriaId": "600B25AD-39D3-4A94-88DC-BEDBEC32E490"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:dell:x1008:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A34519BF-43D5-4D05-984F-EF4F584B5756"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:dell:x1018_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "3.0.1.8",
|
|
"matchCriteriaId": "5B705EFB-0224-4719-B77D-FFD86FA99B37"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:dell:x1018:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "66BE7D70-2B8F-4B94-A9F2-E2CD89CE1762"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:dell:x1026_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "3.0.1.8",
|
|
"matchCriteriaId": "0DC0ADD8-7AFE-41EA-B30B-32629E364355"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:dell:x1026:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "ACB73FAE-5682-42FA-A423-23B1FC193244"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:dell:x1052_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "3.0.1.8",
|
|
"matchCriteriaId": "CD4C67D4-0009-4FF0-AEE5-D3ACA36E3796"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:dell:x1052:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "93A4CE96-3213-4BBA-8C31-8CFB3001BCC1"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://www.dell.com/support/kbdoc/000185252",
|
|
"source": "security_alert@emc.com",
|
|
"tags": [
|
|
"Patch",
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |