Path Traversal Vulnerability in Dell VNX2 for File Products
CVE-2021-36288

8.6HIGH

Key Information:

Vendor: Dell
Status: Vnx2
Vendor: CVE Published:; 8 April 2022

What is CVE-2021-36288?

The Dell VNX2 for File prior to version 8.1.21.266 is susceptible to a path traversal vulnerability. This weakness allows unauthenticated users to manipulate file paths, which can result in unauthorized reading or writing of sensitive files within the system. Such exposure may lead to potential data leaks and unauthorized modification, emphasizing the critical need for timely updates and patches to safeguard against these security risks.

Affected Version(s)

VNX2 < unspecified

References

https://www.dell.com/support/kbdoc/en-us/000191155/dsa-20...

x_refsource_MISC

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 8, 2022
Vulnerability Reserved
Jul 8, 2021