CVE-2021-21548

Dell EMC Unisphere for PowerMax versions before 9.1.0.27, Dell EMC Unisphere for PowerMax Virtual Appliance versions before 9.1.0.27, and PowerMax OS Release 5978 contain an improper certificate validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victim’s data in transit.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:dell:powermax_os:5978:*:*:*:*:*:*:*
cpe:2.3:a:dell:emc_unisphere_for_powermax_virtual_appliance:*:*:*:*:*:*:*:*
cpe:2.3:a:dell:emc_unisphere_for_powermax:*:*:*:*:*:*:*:*

History

24 Mar 2023, 13:30

Type Values Removed Values Added
CWE CWE-295
References (MISC) https://www.dell.com/support/kbdoc/en-uk/000189606/dsa-2021-134-dell-emc-unisphere-for-powermax-dell-emc-unisphere-for-powermax-virtual-appliance-dell-emc-solutions-enabler-virtual-appliance-and-dell-emc-powermax-embedded-management-security-update-for-multiple-third-party-component-vulnerabilities - (MISC) https://www.dell.com/support/kbdoc/en-uk/000189606/dsa-2021-134-dell-emc-unisphere-for-powermax-dell-emc-unisphere-for-powermax-virtual-appliance-dell-emc-solutions-enabler-virtual-appliance-and-dell-emc-powermax-embedded-management-security-update-for-multiple-third-party-component-vulnerabilities - Vendor Advisory
First Time Dell emc Unisphere For Powermax
Dell emc Unisphere For Powermax Virtual Appliance
Dell
Dell powermax Os
CPE cpe:2.3:a:dell:emc_unisphere_for_powermax:*:*:*:*:*:*:*:*
cpe:2.3:a:dell:emc_unisphere_for_powermax_virtual_appliance:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:powermax_os:5978:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.4

17 Mar 2023, 06:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-03-17 06:15

Updated : 2023-03-24 13:30


NVD link : CVE-2021-21548

Mitre link : CVE-2021-21548


JSON object : View

Products Affected

dell

  • emc_unisphere_for_powermax_virtual_appliance
  • powermax_os
  • emc_unisphere_for_powermax
CWE
CWE-295

Improper Certificate Validation