{"id": "CVE-2021-36284", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 0.8}, {"type": "Secondary", "source": "security_alert@emc.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "impactScore": 3.7, "exploitabilityScore": 1.5}]}, "published": "2021-09-28T20:15:07.623", "references": [{"url": "https://www.dell.com/support/kbdoc/000191495", "tags": ["Vendor Advisory"], "source": "security_alert@emc.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security_alert@emc.com", "description": [{"lang": "en", "value": "CWE-307"}]}], "descriptions": [{"lang": "en", "value": "Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A local authenticated malicious administrator could exploit this vulnerability to bypass excessive admin password attempt mitigations in order to carry out a brute force attack."}, {"lang": "es", "value": "Dell BIOS contiene una vulnerabilidad de Restricci\u00f3n Inapropiada de Intentos de Autenticaci\u00f3n Excesivos. Un administrador local autenticado y malicioso podr\u00eda explotar esta vulnerabilidad para omitir las mitigaciones de intentos excesivos de contrase\u00f1as de administrador con el fin de llevar a cabo un ataque de fuerza bruta"}], "lastModified": "2021-10-04T14:25:25.063", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_5310_2-in-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B2CF6E2-8512-4D71-961C-29C88BAEF03E", "versionEndExcluding": "1.7.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_5310_2-in-1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3450591B-8A2D-406A-97BE-6ACBB06BC1A5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_5320_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72FB1EAF-DF14-4A68-AD9B-70538DB08906", "versionEndExcluding": "1.7.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_5320:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FB9F1715-604A-4787-AED0-7ADE6D0464C6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_5400_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEB777DF-C803-48C9-A1E3-CD7950A16FCF", "versionEndExcluding": "1.7.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_5400:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EA6BB99C-65CE-43D8-8034-F9844285747E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_5411_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86FF435E-0A1C-4C40-A32A-22EBFB040407", "versionEndExcluding": "1.6.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_5411:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C5A8645F-E50A-4041-ACD2-B93D325E3AAC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_5500_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD0AEF5A-7E9F-4DF2-9573-02C881C742B1", "versionEndExcluding": "1.8.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_5500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F5EDBEF3-D117-4F6C-8373-FC744D327128"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_5520_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B54F0782-67A8-4091-B69C-D41897047CBE", "versionEndExcluding": "1.6.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_5520:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E2AC36F7-FC4B-4CA4-91F3-8337C8F34681"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_5511_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D30F0B6-4F36-4E89-A170-456872963883", "versionEndExcluding": "1.7.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_5511:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1C8D607D-A84D-439B-8CAE-1A2D0876EF69"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_7212_rugged_extreme_tablet_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2134A61A-3D90-4C8D-8DCB-2C55E893CEC8", "versionEndExcluding": "1.7.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_7212_rugged_extreme_tablet:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D63A20A1-663E-4DF6-AEEF-CCD48418B4F2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_7280_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B4BBC541-F201-4F1B-9AB8-C80A8B82B235", "versionEndExcluding": "1.9.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_7280:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2D5D3133-9388-49CF-A85D-2247A4DD9C4C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_7320_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DABC1A44-2DF8-4F52-8956-557860FAD185", "versionEndExcluding": "1.7.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_7320:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C96134C6-3187-4DE4-8598-428C3544EFFC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_7370_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0DC4899-D3BC-4D72-AF31-7540F4F5CBD7", "versionEndExcluding": "1.7.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_7370:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "82234546-AF33-45FC-BF50-2AA8FD38A5A1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_7420_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D5E22E5D-AC80-43CA-90BB-2B7BA08F7061", "versionEndExcluding": "1.7.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_7420:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7B9C08D4-AA20-4EB9-8FDF-615E60BA3B88"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_7480_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37CD34BA-4EED-4201-A0D5-2F6AD6377F14", "versionEndExcluding": "1.7.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_7480:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CA90466D-6AE9-4030-ACFF-033E75A39CBD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_9410_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5FC37F7B-C2E8-4621-8FA6-A3F1B1618AF8", "versionEndExcluding": "1.7.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_9410:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CE3F01FD-FC66-4DA7-A041-976B0AFA370A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_9510_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB924E1C-1C37-4018-91F1-98FD3A996427", "versionEndExcluding": "1.7.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_9510:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4A3C6284-3A69-4388-842C-6AC3CD3A7706"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_9520_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "585831FB-53C8-403D-8F23-FC468896FA2D", "versionEndExcluding": "1.6.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_9520:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "34819A78-F2DE-4AE0-A26C-027E990A4226"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:optiplex_3080_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4ECE2F97-345F-445E-B1AB-0F93A3692132", "versionEndExcluding": "1.5.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:optiplex_3080:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0175705A-13B6-44D6-9F7A-CC32F0A68A03"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:optiplex_3280_aio_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CCD0FE00-E57F-493A-A550-70B61D52CF81", "versionEndExcluding": "1.2.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:optiplex_3280_aio:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "807F9ED8-8D8E-44E4-AAEC-A461FA5B7CC1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:optiplex_7480_aio_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB33E83C-B0F4-4A8C-9808-C3EAC521B47A", "versionEndExcluding": "1.2.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:optiplex_7480_aio:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7C18C627-75FD-42A0-B5FD-AC8D966C5308"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:precision_3551_ffirmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C40504AB-B51A-42D6-8F98-B7C782E6008B", "versionEndExcluding": "1.6.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:precision_3551:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "44961E7D-2003-4DC1-80D8-045A2A35C279"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:precision_3640_tower_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0504C0D5-8207-4F2D-98C1-73221D4C4515", "versionEndExcluding": "1.7.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:precision_3640_tower:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "02ABB4CF-0B99-4348-82C9-328B1E7506E8"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "security_alert@emc.com"}