Improper Input Validation in Dell EMC CloudLink Products
CVE-2021-36335

4.3MEDIUM

Key Information:

Vendor: Dell
Status: ClouD-Link
Vendor: CVE Published:; 23 November 2021

Summary

Dell EMC CloudLink, including version 7.1 and earlier, has a vulnerability stemming from improper input validation. This could allow remote attackers with low privileges to exploit the flaw, potentially leading to the execution of arbitrary files on the server. Organizations using these versions should consider implementing immediate patches to safeguard against potential exploitation.

Affected Version(s)

CloudLink < 7.1.1

References

https://www.dell.com/support/kbdoc/en-us/000193031/https-...

x_refsource_MISC

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 23, 2021
Vulnerability Reserved
Jul 8, 2021