CVE-2021-36294

Critical

Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authentication bypass vulnerability. A remote unauthenticated attacker…

dell·CWE-331·Published 2022-01-25

CVSS

9.8

EPSS

0.02

KEV

Exploits

cve.orgen

209 chars

Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authentication bypass vulnerability. A remote unauthenticated attacker may exploit this vulnerability by forging a cookie to login as any user.

NVDen

209 chars

NVDes

251 chars

Dell VNX2 OE for File versiones 8.1.21.266 y anteriores, contienen una vulnerabilidad de omisión de autenticación. Un atacante remoto no autenticado puede explotar esta vulnerabilidad al falsificar una cookie para iniciar sesión como cualquier usuario

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.1	Primary	cve.org	9.8	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H