Authentication Bypass in Networking OS10 by Dell
CVE-2021-36308

5.9MEDIUM

Key Information:

Vendor: Dell
Status: Networking Os
Vendor: CVE Published:; 20 November 2021

What is CVE-2021-36308?

A vulnerability exists in Dell's Networking OS10, specifically in versions prior to October 2021 with Smart Fabric Services enabled. An unauthenticated remote attacker can exploit this weakness to gain unauthorized access to the system, potentially leading to unauthorized actions and compromise of the affected network configuration.

Affected Version(s)

Networking OS < unspecified

References

https://www.dell.com/support/kbdoc/en-us/000193076

x_refsource_MISC

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 20, 2021
Vulnerability Reserved
Jul 8, 2021