CVE-2021-36306

Summary

Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contains an authentication bypass vulnerability. A remote unauthenticated attacker could exploit this vulnerability to gain access and perform actions on the affected system.

Affected Software

VendorProductVersion RangeStatus
DellNetworking OSunspecified < OS10 10.4.3.8,OS10 10.5.0.6C3,OS10 10.5.0.10,OS10 10.5.1.10,OS10 10.5.2.8,OS10 10.5.3.0P1,OS10 10.5.2.3kccaffected

Weaknesses

  • CWE-287: CWE-287: Improper Authentication

ADP Enrichment

CVE Program Container

Additional References

References