CVE-2021-36295

CWE-78OS Command Injection3 documents3 sources
Severity
7.2HIGH
EPSS
0.9%
top 23.74%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Dell VNX Control StationDell EMC Unity Operating Environment
Timeline
PublishedJan 25
Latest updateJan 27

Description

Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authenticated remote code execution vulnerability. A remote malicious user with privileges may exploit this vulnerability to execute commands on the system.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

Affected Packages2 packages

CVEListV5dell/vnx_control_stationunspecifiedTBD

🔴Vulnerability Details

2
GHSA
GHSA-xj65-m9r8-w48c: Dell VNX2 OE for File versions 82022-01-27
CVEList
CVE-2021-36295: Dell VNX2 OE for File versions 82022-01-25
CVE-2021-36295 (HIGH CVSS 7.2) | Dell VNX2 OE for File versions 8.1. | cvebase.io