Dell EMC Unisphere for PowerMax versions before 9.1.0.27, Dell EMC Unisphere for PowerMax Virtual Appliance versions before 9.1.0.27, and PowerMax OS Release 5978 contain an improper certificate validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victim’s data in transit.
References
Configurations
Configuration 1 (hide)
|
History
07 Nov 2023, 03:30
Type | Values Removed | Values Added |
---|---|---|
Summary | Dell EMC Unisphere for PowerMax versions before 9.1.0.27, Dell EMC Unisphere for PowerMax Virtual Appliance versions before 9.1.0.27, and PowerMax OS Release 5978 contain an improper certificate validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victim’s data in transit. |
24 Mar 2023, 13:30
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-295 | |
References | (MISC) https://www.dell.com/support/kbdoc/en-uk/000189606/dsa-2021-134-dell-emc-unisphere-for-powermax-dell-emc-unisphere-for-powermax-virtual-appliance-dell-emc-solutions-enabler-virtual-appliance-and-dell-emc-powermax-embedded-management-security-update-for-multiple-third-party-component-vulnerabilities - Vendor Advisory | |
First Time |
Dell emc Unisphere For Powermax
Dell emc Unisphere For Powermax Virtual Appliance Dell Dell powermax Os |
|
CPE | cpe:2.3:a:dell:emc_unisphere_for_powermax:*:*:*:*:*:*:*:* cpe:2.3:a:dell:emc_unisphere_for_powermax_virtual_appliance:*:*:*:*:*:*:*:* cpe:2.3:o:dell:powermax_os:5978:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.4 |
17 Mar 2023, 06:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-03-17 06:15
Updated : 2023-12-10 14:48
NVD link : CVE-2021-21548
Mitre link : CVE-2021-21548
CVE.ORG link : CVE-2021-21548
JSON object : View
Products Affected
dell
- emc_unisphere_for_powermax_virtual_appliance
- emc_unisphere_for_powermax
- powermax_os
CWE
CWE-295
Improper Certificate Validation