CVE-2021-32521

Summary

Use of MAC address as an authenticated password in QSAN Storage Manager, XEVO, SANOS allows local attackers to escalate privileges. Suggest contacting with QSAN and refer to recommendations in QSAN Document.

Affected Software

VendorProductVersion RangeStatus
QSANStorage Managerunspecified <= 3.3.1affected
QSANXEVOunspecified < 1.2.0affected
QSANSANOSunspecified <= 2.0.0affected

Weaknesses

  • CWE-259: CWE-259 Use of Hard-coded Password

ADP Enrichment

CVE Program Container

Additional References

References