Dell Networking X-Series firmware versions prior to 3.0.1.8 contain an authentication bypass vulnerability. A remote unauthenticated attacker may potentially hijack a session and access the webserver by forging the session ID.
References
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
History
21 Nov 2024, 06:13
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.dell.com/support/kbdoc/en-us/000193230/dsa-2021-191-dell-networking-x-series-security-update-for-multiple-security-vulnerabilities - Patch, Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 7.5 |
Information
Published : 2021-11-20 02:15
Updated : 2024-11-21 06:13
NVD link : CVE-2021-36320
Mitre link : CVE-2021-36320
CVE.ORG link : CVE-2021-36320
JSON object : View
Products Affected
dell
- x1008p_firmware
- x1018_firmware
- x1026_firmware
- x1026p_firmware
- x1026p
- x1018
- x1026
- x1052
- x1052_firmware
- x1018p
- x1008p
- x1008_firmware
- x1008
- x4012_firmware
- x4012
- x1018p_firmware
- x1052p_firmware
- x1052p
CWE
CWE-331
Insufficient Entropy