Authorization Bypass Vulnerability in Dell Unisphere for PowerMax
CVE-2021-21531

8.1HIGH

Key Information:

Vendor: Dell
Status: Unisphere For Powermax
Vendor: CVE Published:; 30 April 2021

What is CVE-2021-21531?

Dell Unisphere for PowerMax suffers from an authorization bypass vulnerability that affects versions prior to 9.2.1.6. A local authenticated user with a monitor role can exploit the vulnerability to execute unauthorized actions, undermining the integrity of the system. This security flaw poses significant risks, allowing potential attackers to gain privileges they are not entitled to, thereby compromising sensitive operations within the PowerMax environment.

Affected Version(s)

Unisphere for PowerMax < 9.2.1.6

References

https://www.dell.com/support/kbdoc/000184565

x_refsource_MISC

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 30, 2021
Vulnerability Reserved
Jan 4, 2021