CVE-2021-36285
Severity Score
4.4
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A local authenticated malicious administrator could exploit this vulnerability to bypass excessive NVMe password attempt mitigations in order to carry out a brute force attack.
Dell BIOS contiene una vulnerabilidad de restricción inapropiada de intentos de autenticación excesivos. Un administrador local autenticado malicioso podría explotar esta vulnerabilidad para omitir las mitigaciones de intentos de contraseña excesivos de NVMe con el fin de llevar a cabo un ataque de fuerza bruta
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-07-08 CVE Reserved
- 2021-09-28 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-307: Improper Restriction of Excessive Authentication Attempts
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.dell.com/support/kbdoc/000191495 | 2021-10-04 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Dell Search vendor "Dell" | Latitude 5310 2-in-1 Firmware Search vendor "Dell" for product "Latitude 5310 2-in-1 Firmware" | < 1.7.0 Search vendor "Dell" for product "Latitude 5310 2-in-1 Firmware" and version " < 1.7.0" | - |
Affected
| in | Dell Search vendor "Dell" | Latitude 5310 2-in-1 Search vendor "Dell" for product "Latitude 5310 2-in-1" | - | - |
Safe
|
| Dell Search vendor "Dell" | Latitude 5320 Firmware Search vendor "Dell" for product "Latitude 5320 Firmware" | < 1.7.0 Search vendor "Dell" for product "Latitude 5320 Firmware" and version " < 1.7.0" | - |
Affected
| in | Dell Search vendor "Dell" | Latitude 5320 Search vendor "Dell" for product "Latitude 5320" | - | - |
Safe
|
| Dell Search vendor "Dell" | Latitude 5400 Firmware Search vendor "Dell" for product "Latitude 5400 Firmware" | < 1.7.1 Search vendor "Dell" for product "Latitude 5400 Firmware" and version " < 1.7.1" | - |
Affected
| in | Dell Search vendor "Dell" | Latitude 5400 Search vendor "Dell" for product "Latitude 5400" | - | - |
Safe
|
| Dell Search vendor "Dell" | Latitude 5411 Firmware Search vendor "Dell" for product "Latitude 5411 Firmware" | < 1.6.0 Search vendor "Dell" for product "Latitude 5411 Firmware" and version " < 1.6.0" | - |
Affected
| in | Dell Search vendor "Dell" | Latitude 5411 Search vendor "Dell" for product "Latitude 5411" | - | - |
Safe
|
| Dell Search vendor "Dell" | Latitude 5500 Firmware Search vendor "Dell" for product "Latitude 5500 Firmware" | < 1.8.0 Search vendor "Dell" for product "Latitude 5500 Firmware" and version " < 1.8.0" | - |
Affected
| in | Dell Search vendor "Dell" | Latitude 5500 Search vendor "Dell" for product "Latitude 5500" | - | - |
Safe
|
| Dell Search vendor "Dell" | Latitude 5520 Firmware Search vendor "Dell" for product "Latitude 5520 Firmware" | < 1.6.0 Search vendor "Dell" for product "Latitude 5520 Firmware" and version " < 1.6.0" | - |
Affected
| in | Dell Search vendor "Dell" | Latitude 5520 Search vendor "Dell" for product "Latitude 5520" | - | - |
Safe
|
| Dell Search vendor "Dell" | Latitude 5511 Firmware Search vendor "Dell" for product "Latitude 5511 Firmware" | < 1.7.1 Search vendor "Dell" for product "Latitude 5511 Firmware" and version " < 1.7.1" | - |
Affected
| in | Dell Search vendor "Dell" | Latitude 5511 Search vendor "Dell" for product "Latitude 5511" | - | - |
Safe
|
| Dell Search vendor "Dell" | Latitude 7212 Rugged Extreme Tablet Firmware Search vendor "Dell" for product "Latitude 7212 Rugged Extreme Tablet Firmware" | < 1.7.0 Search vendor "Dell" for product "Latitude 7212 Rugged Extreme Tablet Firmware" and version " < 1.7.0" | - |
Affected
| in | Dell Search vendor "Dell" | Latitude 7212 Rugged Extreme Tablet Search vendor "Dell" for product "Latitude 7212 Rugged Extreme Tablet" | - | - |
Safe
|
| Dell Search vendor "Dell" | Latitude 7280 Firmware Search vendor "Dell" for product "Latitude 7280 Firmware" | < 1.9.1 Search vendor "Dell" for product "Latitude 7280 Firmware" and version " < 1.9.1" | - |
Affected
| in | Dell Search vendor "Dell" | Latitude 7280 Search vendor "Dell" for product "Latitude 7280" | - | - |
Safe
|
| Dell Search vendor "Dell" | Latitude 7320 Firmware Search vendor "Dell" for product "Latitude 7320 Firmware" | < 1.7.0 Search vendor "Dell" for product "Latitude 7320 Firmware" and version " < 1.7.0" | - |
Affected
| in | Dell Search vendor "Dell" | Latitude 7320 Search vendor "Dell" for product "Latitude 7320" | - | - |
Safe
|
| Dell Search vendor "Dell" | Latitude 7370 Firmware Search vendor "Dell" for product "Latitude 7370 Firmware" | < 1.7.1 Search vendor "Dell" for product "Latitude 7370 Firmware" and version " < 1.7.1" | - |
Affected
| in | Dell Search vendor "Dell" | Latitude 7370 Search vendor "Dell" for product "Latitude 7370" | - | - |
Safe
|
| Dell Search vendor "Dell" | Latitude 7420 Firmware Search vendor "Dell" for product "Latitude 7420 Firmware" | < 1.7.0 Search vendor "Dell" for product "Latitude 7420 Firmware" and version " < 1.7.0" | - |
Affected
| in | Dell Search vendor "Dell" | Latitude 7420 Search vendor "Dell" for product "Latitude 7420" | - | - |
Safe
|
| Dell Search vendor "Dell" | Latitude 7480 Firmware Search vendor "Dell" for product "Latitude 7480 Firmware" | < 1.7.1 Search vendor "Dell" for product "Latitude 7480 Firmware" and version " < 1.7.1" | - |
Affected
| in | Dell Search vendor "Dell" | Latitude 7480 Search vendor "Dell" for product "Latitude 7480" | - | - |
Safe
|
| Dell Search vendor "Dell" | Latitude 9410 Firmware Search vendor "Dell" for product "Latitude 9410 Firmware" | < 1.7.1 Search vendor "Dell" for product "Latitude 9410 Firmware" and version " < 1.7.1" | - |
Affected
| in | Dell Search vendor "Dell" | Latitude 9410 Search vendor "Dell" for product "Latitude 9410" | - | - |
Safe
|
| Dell Search vendor "Dell" | Latitude 9510 Firmware Search vendor "Dell" for product "Latitude 9510 Firmware" | < 1.7.0 Search vendor "Dell" for product "Latitude 9510 Firmware" and version " < 1.7.0" | - |
Affected
| in | Dell Search vendor "Dell" | Latitude 9510 Search vendor "Dell" for product "Latitude 9510" | - | - |
Safe
|
| Dell Search vendor "Dell" | Latitude 9520 Firmware Search vendor "Dell" for product "Latitude 9520 Firmware" | < 1.6.0 Search vendor "Dell" for product "Latitude 9520 Firmware" and version " < 1.6.0" | - |
Affected
| in | Dell Search vendor "Dell" | Latitude 9520 Search vendor "Dell" for product "Latitude 9520" | - | - |
Safe
|
| Dell Search vendor "Dell" | Optiplex 3080 Firmware Search vendor "Dell" for product "Optiplex 3080 Firmware" | < 1.5.2 Search vendor "Dell" for product "Optiplex 3080 Firmware" and version " < 1.5.2" | - |
Affected
| in | Dell Search vendor "Dell" | Optiplex 3080 Search vendor "Dell" for product "Optiplex 3080" | - | - |
Safe
|
| Dell Search vendor "Dell" | Optiplex 3280 Aio Firmware Search vendor "Dell" for product "Optiplex 3280 Aio Firmware" | < 1.2.0 Search vendor "Dell" for product "Optiplex 3280 Aio Firmware" and version " < 1.2.0" | - |
Affected
| in | Dell Search vendor "Dell" | Optiplex 3280 Aio Search vendor "Dell" for product "Optiplex 3280 Aio" | - | - |
Safe
|
| Dell Search vendor "Dell" | Optiplex 7480 Aio Firmware Search vendor "Dell" for product "Optiplex 7480 Aio Firmware" | < 1.2.0 Search vendor "Dell" for product "Optiplex 7480 Aio Firmware" and version " < 1.2.0" | - |
Affected
| in | Dell Search vendor "Dell" | Optiplex 7480 Aio Search vendor "Dell" for product "Optiplex 7480 Aio" | - | - |
Safe
|
| Dell Search vendor "Dell" | Precision 3551 Ffirmware Search vendor "Dell" for product "Precision 3551 Ffirmware" | < 1.6.2 Search vendor "Dell" for product "Precision 3551 Ffirmware" and version " < 1.6.2" | - |
Affected
| in | Dell Search vendor "Dell" | Precision 3551 Search vendor "Dell" for product "Precision 3551" | - | - |
Safe
|
| Dell Search vendor "Dell" | Precision 3640 Tower Firmware Search vendor "Dell" for product "Precision 3640 Tower Firmware" | < 1.7.1 Search vendor "Dell" for product "Precision 3640 Tower Firmware" and version " < 1.7.1" | - |
Affected
| in | Dell Search vendor "Dell" | Precision 3640 Tower Search vendor "Dell" for product "Precision 3640 Tower" | - | - |
Safe
|