CVE-2021-36276

Dell DBUtilDrv2.sys driver (versions 2.5 and 2.6) contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:dell:dbutildrv2.sys_firmware:2.5:*:*:*:*:*:*:*
cpe:2.3:o:dell:dbutildrv2.sys_firmware:2.6:*:*:*:*:*:*:*

History

25 Apr 2022, 19:58

Type Values Removed Values Added
CWE CWE-552 NVD-CWE-Other

17 Aug 2021, 17:29

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : 4.6
v3 : 7.8
References (CONFIRM) https://www.dell.com/support/kbdoc/en-us/000190105/dsa-2021-152-dell-client-platform-security-update-for-an-insufficient-access-control-vulnerability-in-the-dell-dbutildrv2-sys-driverĀ - (CONFIRM) https://www.dell.com/support/kbdoc/en-us/000190105/dsa-2021-152-dell-client-platform-security-update-for-an-insufficient-access-control-vulnerability-in-the-dell-dbutildrv2-sys-driverĀ - Patch, Vendor Advisory
CWE CWE-552
CPE cpe:2.3:o:dell:dbutildrv2.sys_firmware:2.5:*:*:*:*:*:*:*
cpe:2.3:o:dell:dbutildrv2.sys_firmware:2.6:*:*:*:*:*:*:*

09 Aug 2021, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2021-08-09 21:15

Updated : 2023-12-10 13:55


NVD link : CVE-2021-36276

Mitre link : CVE-2021-36276

CVE.ORG link : CVE-2021-36276


JSON object : View

Products Affected

dell

  • dbutildrv2.sys_firmware
CWE
NVD-CWE-Other CWE-285

Improper Authorization