Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain a sensitive information disclosure vulnerability. A local malicious user may exploit this vulnerability to read sensitive information and use it.
References
Configurations
Configuration 1 (hide)
| AND |
|
History
31 Jan 2022, 21:29
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:h:dell:vnx8000:-:*:*:*:*:*:*:* cpe:2.3:h:dell:vnx5400:-:*:*:*:*:*:*:* cpe:2.3:h:dell:vnx5800:-:*:*:*:*:*:*:* cpe:2.3:h:dell:vnx5600:-:*:*:*:*:*:*:* cpe:2.3:h:dell:vnx7600:-:*:*:*:*:*:*:* cpe:2.3:h:dell:vnx_vg50:-:*:*:*:*:*:*:* cpe:2.3:h:dell:vnx_vg10:-:*:*:*:*:*:*:* cpe:2.3:h:dell:vnx5200:-:*:*:*:*:*:*:* cpe:2.3:a:dell:emc_unity_operating_environment:*:*:*:*:*:*:*:* |
|
| First Time |
Dell vnx8000
Dell vnx7600 Dell vnx5200 Dell vnx5600 Dell Dell vnx5400 Dell vnx Vg10 Dell emc Unity Operating Environment Dell vnx5800 Dell vnx Vg50 |
|
| CWE | CWE-532 | |
| References | (MISC) https://www.dell.com/support/kbdoc/en-us/000191155/dsa-2021-164-dell-vnx2-control-station-security-update-for-multiple-vulnerabilities - Vendor Advisory | |
| CVSS |
v2 : v3 : |
v2 : 4.6
v3 : 7.8 |
25 Jan 2022, 23:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2022-01-25 23:15
Updated : 2023-12-10 14:09
NVD link : CVE-2021-36289
Mitre link : CVE-2021-36289
CVE.ORG link : CVE-2021-36289
JSON object : View
Products Affected
dell
- vnx7600
- vnx_vg50
- vnx5200
- vnx8000
- vnx_vg10
- vnx5400
- vnx5800
- emc_unity_operating_environment
- vnx5600
CWE
CWE-532
Insertion of Sensitive Information into Log File