CVE-2021-21502
9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Dell PowerScale OneFS versions 8.1.0 – 9.1.0 contain a "use of SSH key past account expiration" vulnerability. A user on the network with the ISI_PRIV_AUTH_SSH RBAC privilege that has an expired account may potentially exploit this vulnerability, giving them access to the same things they had before account expiration. This may by a high privileged account and hence Dell recommends customers upgrade at the earliest opportunity.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Dell | PowerScale OneFS | unspecified < 8.1.2 / 8.2.2 / 9.1.0.x / Empire / Main | affected |
Weaknesses
- Other
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.