CVE-2021-36309
7.1
CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Dell Enterprise SONiC OS, versions 3.3.0 and earlier, contains a sensitive information disclosure vulnerability. An authenticated malicious user with access to the system may use the TACACS\Radius credentials stored to read sensitive information and use it in further attacks.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Dell | Enterprise SONiC OS | unspecified < 3.4.0 | affected |
Weaknesses
- CWE-256: CWE-256: Unprotected Storage of Credentials
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.