CVE-2021-36294
9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authentication bypass vulnerability. A remote unauthenticated attacker may exploit this vulnerability by forging a cookie to login as any user.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Dell | VNX Control Station | unspecified < TBD | affected |
Weaknesses
- CWE-331: CWE-331: Insufficient Entropy
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.