CVE-2021-36307

Summary

Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contains a privilege escalation vulnerability. A malicious low privileged user with specific access to the API could potentially exploit this vulnerability to gain admin privileges on the affected system.

Affected Software

VendorProductVersion RangeStatus
DellNetworking OSunspecified < OS10 10.4.3.8,OS10 10.5.0.6C3,OS10 10.5.0.10,OS10 10.5.1.10,OS10 10.5.2.8,OS10 10.5.3.0P1,OS10 10.5.2.3kccaffected

Weaknesses

  • CWE-269: CWE-269: Improper Privilege Management

ADP Enrichment

CVE Program Container

Additional References

References