CVE-2021-36320
Severity Score
9.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Dell Networking X-Series firmware versions prior to 3.0.1.8 contain an authentication bypass vulnerability. A remote unauthenticated attacker may potentially hijack a session and access the webserver by forging the session ID.
Dell Networking X-Series versiones del firmware anteriores a 3.0.1.8, contienen una vulnerabilidad de omisión de autenticación. Un atacante remoto no autentificado puede potencialmente secuestrar una sesión y acceder al servidor web al falsificar el ID de la sesión
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-07-08 CVE Reserved
- 2021-11-20 CVE Published
- 2024-08-02 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-331: Insufficient Entropy
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.dell.com/support/kbdoc/en-us/000193230/dsa-2021-191-dell-networking-x-series-security-update-for-multiple-security-vulnerabilities | 2021-11-23 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Dell Search vendor "Dell" | X1008p Firmware Search vendor "Dell" for product "X1008p Firmware" | < 3.0.1.8 Search vendor "Dell" for product "X1008p Firmware" and version " < 3.0.1.8" | - |
Affected
| in | Dell Search vendor "Dell" | X1008p Search vendor "Dell" for product "X1008p" | - | - |
Safe
|
| Dell Search vendor "Dell" | X1018p Firmware Search vendor "Dell" for product "X1018p Firmware" | < 3.0.1.8 Search vendor "Dell" for product "X1018p Firmware" and version " < 3.0.1.8" | - |
Affected
| in | Dell Search vendor "Dell" | X1018p Search vendor "Dell" for product "X1018p" | - | - |
Safe
|
| Dell Search vendor "Dell" | X1026p Firmware Search vendor "Dell" for product "X1026p Firmware" | < 3.0.1.8 Search vendor "Dell" for product "X1026p Firmware" and version " < 3.0.1.8" | - |
Affected
| in | Dell Search vendor "Dell" | X1026p Search vendor "Dell" for product "X1026p" | - | - |
Safe
|
| Dell Search vendor "Dell" | X1052p Firmware Search vendor "Dell" for product "X1052p Firmware" | < 3.0.1.8 Search vendor "Dell" for product "X1052p Firmware" and version " < 3.0.1.8" | - |
Affected
| in | Dell Search vendor "Dell" | X1052p Search vendor "Dell" for product "X1052p" | - | - |
Safe
|
| Dell Search vendor "Dell" | X4012 Firmware Search vendor "Dell" for product "X4012 Firmware" | < 3.0.1.8 Search vendor "Dell" for product "X4012 Firmware" and version " < 3.0.1.8" | - |
Affected
| in | Dell Search vendor "Dell" | X4012 Search vendor "Dell" for product "X4012" | - | - |
Safe
|
| Dell Search vendor "Dell" | X1008 Firmware Search vendor "Dell" for product "X1008 Firmware" | < 3.0.1.8 Search vendor "Dell" for product "X1008 Firmware" and version " < 3.0.1.8" | - |
Affected
| in | Dell Search vendor "Dell" | X1008 Search vendor "Dell" for product "X1008" | - | - |
Safe
|
| Dell Search vendor "Dell" | X1018 Firmware Search vendor "Dell" for product "X1018 Firmware" | < 3.0.1.8 Search vendor "Dell" for product "X1018 Firmware" and version " < 3.0.1.8" | - |
Affected
| in | Dell Search vendor "Dell" | X1018 Search vendor "Dell" for product "X1018" | - | - |
Safe
|
| Dell Search vendor "Dell" | X1026 Firmware Search vendor "Dell" for product "X1026 Firmware" | < 3.0.1.8 Search vendor "Dell" for product "X1026 Firmware" and version " < 3.0.1.8" | - |
Affected
| in | Dell Search vendor "Dell" | X1026 Search vendor "Dell" for product "X1026" | - | - |
Safe
|
| Dell Search vendor "Dell" | X1052 Firmware Search vendor "Dell" for product "X1052 Firmware" | < 3.0.1.8 Search vendor "Dell" for product "X1052 Firmware" and version " < 3.0.1.8" | - |
Affected
| in | Dell Search vendor "Dell" | X1052 Search vendor "Dell" for product "X1052" | - | - |
Safe
|