CVE-2021-21522

{"id": "CVE-2021-21522", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 0.8}, {"type": "Secondary", "source": "security_alert@emc.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.2, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 1.5}]}, "published": "2021-09-28T20:15:07.397", "references": [{"url": "https://www.dell.com/support/kbdoc/000191495", "tags": ["Vendor Advisory"], "source": "security_alert@emc.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}, {"type": "Secondary", "source": "security_alert@emc.com", "description": [{"lang": "en", "value": "CWE-255"}]}], "descriptions": [{"lang": "en", "value": "Dell BIOS contains a Credentials Management issue. A local authenticated malicious user may potentially exploit this vulnerability to gain access to sensitive information on an NVMe storage by resetting the BIOS password on the system via the Manageability Interface."}, {"lang": "es", "value": "Dell BIOS contiene un problema de Administraci\u00f3n de Credenciales. Un usuario malicioso autenticado localmente puede explotar potencialmente esta vulnerabilidad para conseguir acceso a informaci\u00f3n confidencial en un almacenamiento NVMe al restablecer la contrase\u00f1a del BIOS en el sistema por medio de la interfaz de administraci\u00f3n"}], "lastModified": "2023-06-30T17:51:46.287", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_5285_2-in-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "686A4B01-36E4-47F6-9071-C0B80B2FC8FB", "versionEndExcluding": "1.13.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_5285_2-in-1:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "97FC59FC-A909-4C92-8C50-4AA00A909507"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_5289_2-in-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0B1E1EEC-EFC3-4898-8D3E-B144C1E66D5D", "versionEndExcluding": "1.23.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_5289_2-in-1:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DE0F2BAA-BCBD-4DA0-A68C-5E3F30B7A271"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_5310_2-in-1_firmware:1.7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4B3950E-9847-40E7-BED4-E0FA2094232B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_5310_2-in-1:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F5EA2D37-C540-4707-A1F0-6CAB51C6E276"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_5290_2-in-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A79606E0-2F13-43A1-A963-3BEDAA23AAEE", "versionEndExcluding": "1.16.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_5290_2-in-1:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "62AA0342-2273-49F4-95F2-5F28F628761B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_7210_2-in-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2FEEA091-4CFA-4E98-88A9-2A4090572EEF", "versionEndExcluding": "1.7.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_7210_2-in-1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E37D006F-587F-4D6C-B382-1552C15FF360"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_7212_rugged_extreme_tablet_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "438527CB-7BD2-486A-AF38-78E34D11258C", "versionEndExcluding": "1.33.0"}, {"criteria": "cpe:2.3:o:dell:latitude_7212_rugged_extreme_tablet_firmware:1.33.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE337A91-47C1-4316-8E7C-D443CDCBFE87"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_7212_rugged_extreme_tablet:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D63A20A1-663E-4DF6-AEEF-CCD48418B4F2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_7280_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7BC8923D-C494-44F5-98DD-EE926ED741B9", "versionEndExcluding": "1.21.1"}, {"criteria": "cpe:2.3:o:dell:latitude_7280_firmware:1.21.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FEE41B2-0B67-4DEA-8445-BDDB786EB73E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_7280:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2D5D3133-9388-49CF-A85D-2247A4DD9C4C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_7290_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62F52B6E-7791-41D1-A2F3-9EF0B8E8FF4E", "versionEndExcluding": "1.20.0"}, {"criteria": "cpe:2.3:o:dell:latitude_7290_firmware:1.20.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA86A522-E1A1-47B7-9AAC-DA1C5AE62A83"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_7290:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "359A2878-C996-4FD2-9AB6-B33531E2F630"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_7285_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6790E2D8-4D94-4DC3-9D86-69BE4F2F8CF6", "versionEndExcluding": "1.11.0"}, {"criteria": "cpe:2.3:o:dell:latitude_7285_firmware:1.11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A30BBC4D-3547-4A09-AFAF-3151E8E54E55"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_7285:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5F15F433-B614-402F-90AC-805AFA0FA340"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_7370_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4975A36F-4855-4F5C-B7EC-305590AFE6BD", "versionEndExcluding": "1.24.3"}, {"criteria": "cpe:2.3:o:dell:latitude_7370_firmware:1.24.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD7425DC-A4E9-47E8-90BC-C7840E2B90B7"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_7370:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "82234546-AF33-45FC-BF50-2AA8FD38A5A1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_7310_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5F63B7A-B704-4800-8983-52FABE96FD5F", "versionEndExcluding": "1.7.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_7310:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FFEDD8F7-2EF0-4A6F-9F51-60100D317BF8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_7380_firmware:1.21.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F03B20F-1719-4CDE-8EBA-4CBE13669720"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_7380:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A1786B67-E621-4B2B-848A-B0F442719E94"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_7389_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "310B2EF0-4822-4D6E-93AE-1167B4B32E51", "versionEndExcluding": "1.23.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_7389:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0952C9F6-0AB7-4DEA-B6AA-76159A2F7C42"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_7390_firmware:1.20.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "122F6BAE-0EDE-49EA-ABED-AFA0B2783D69"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_7390:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4D8C3716-4E1C-4D32-BC94-81D7FB838FFC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_7410_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "489006EE-91B1-4A29-82FC-71F948C8F4D5", "versionEndExcluding": "1.7.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_7410:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5D3B023F-99A9-49EF-90F9-13D83CA69293"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_7390_2-in-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0A80B44-3BD5-466C-A6C1-333E61E0D9B4", "versionEndExcluding": "1.19.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_7390_2-in-1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C127AF83-FC01-4774-9ADC-7DFA02C8237B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_7420_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "45F41BDC-91C7-4E76-B3D4-9EDAA6B6A5DB", "versionEndExcluding": "1.7.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_7420:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7B9C08D4-AA20-4EB9-8FDF-615E60BA3B88"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_7480_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D2AC7636-8A86-49BD-837D-EB8363F7B551", "versionEndExcluding": "1.21.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_7480:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CA90466D-6AE9-4030-ACFF-033E75A39CBD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_7490_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82AE84E5-D854-4222-B54C-EDE3F09465F6", "versionEndExcluding": "1.20.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_7490:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "26AD9A87-7D62-4566-A1B8-E843176E2E38"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_9410_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C74D109A-2D68-4AA4-868F-A97D5B02F719", "versionEndExcluding": "1.7.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_9410:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CE3F01FD-FC66-4DA7-A041-976B0AFA370A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:latitude_9510_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "97BB1F59-A83F-49D5-8B33-7D14B1CAF49A", "versionEndExcluding": "1.6.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:latitude_9510:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4A3C6284-3A69-4388-842C-6AC3CD3A7706"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:precision_3640_tower_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E072F027-08F7-42CA-AA54-F354CF66D09B", "versionEndExcluding": "1.6.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:precision_3640_tower:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "02ABB4CF-0B99-4348-82C9-328B1E7506E8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:precision_5520_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05BF69BB-400F-4CD7-B81B-2364CF184B7F", "versionEndExcluding": "1.23.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:precision_5520:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CBBFE522-7630-4BED-9B2C-2AC12CA693DE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:precision_5510_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C14A0E0-ACF0-487A-8253-1A848CF7171B", "versionEndExcluding": "1.17.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:precision_5510:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EE40F051-53DE-451C-ABFC-2695771A96DF"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:precision_5530_2-in-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B26CFEE6-91EF-4267-8692-7767ADAE2BCC", "versionEndExcluding": "1.14.10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:precision_5530_2-in-1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "30622F6E-2F6D-482B-AA1E-65DA4A4B1679"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:xps_13_9360_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "717140CF-2F38-440B-A855-74E4CA3EE827", "versionEndExcluding": "2.16.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:xps_13_9360:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "573AF858-3312-4470-AC6B-72E466C93859"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:xps_13_9370_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4E61E1FC-4E3F-44D7-AB2C-29F70E724639", "versionEndExcluding": "1.15.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:xps_13_9370:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "353FAC21-3AC5-4563-BEE7-7C5DCB1C7C76"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:xps_15_9575_2-in-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69AFDBB7-EE07-4D89-8FB8-E1A939DC88D6", "versionEndExcluding": "1.16.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:xps_15_9575_2-in-1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "129C0F2A-F75C-4C60-9A6C-63B96AF08CDD"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "security_alert@emc.com"}