CVE-2021-21595

MEDIUM

6.0

Description

Dell EMC PowerScale OneFS versions 8.2.x - 9.1.1.x contain an improper neutralization of special elements used in an OS command. This vulnerability could allow the compadmin user to elevate privileges. This only impacts Smartlock WORM compliance mode clusters as a critical vulnerability and Dell recommends to update/upgrade at the earliest opportunity.

Details CVE

Score CVSS v3.16.0

SeveriteMEDIUM

Vecteur CVSSCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

Vecteur d'attaqueLOCAL

ComplexiteLOW

Privileges requisHIGH

Interaction utilisateurNONE

Publie8/16/2021

Derniere modification11/21/2024

Sourcenvd

Observations honeypot0

Produits affectes

dell:emc_powerscale_onefs

Faiblesses (CWE)

CWE-77CWE-77

References

https://www.dell.com/support/kbdoc/000190408(security_alert@emc.com)

https://www.dell.com/support/kbdoc/000190408(af854a3a-2127-422b-91ae-364da2661108)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.