CVE-2021-36307
8.8
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contains a privilege escalation vulnerability. A malicious low privileged user with specific access to the API could potentially exploit this vulnerability to gain admin privileges on the affected system.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Dell | Networking OS | unspecified < OS10 10.4.3.8,OS10 10.5.0.6C3,OS10 10.5.0.10,OS10 10.5.1.10,OS10 10.5.2.8,OS10 10.5.3.0P1,OS10 10.5.2.3kcc | affected |
Weaknesses
- CWE-269: CWE-269: Improper Privilege Management
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.