DSA-2021-017: Dell Networking Security Update for a Weak Password Encryption Vulnerability
Zhrnutie: Dell Networking X-Series remediation is available for a weak password encryption vulnerability that may be exploited by malicious users to compromise the affected system.
Tento článok sa vzťahuje na
Tento článok sa nevzťahuje na
Tento článok nie je viazaný na žiadny konkrétny produkt.
V tomto článku nie sú uvedené všetky verzie produktov.
Dosah
High
Podrobnosti
| Proprietary Code CVE | Description | CVSS Base Score | CVSS Vector String |
| CVE-2021-21507 | Dell Networking X-Series firmware versions prior to 3.0.1.8 and Dell PowerEdge VRTX firmware versions prior to 2.0.0.82 contain a Weak Password Encryption Vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable system with privileges of the compromised account. | 8.8 | CVSS:3.1(AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) |
For information regarding the VRTX remediation, see KB article 185252: DSA-2020-080: Dell PowerEdge VRTX Security Update for a Weak Password Encryption Vulnerability
| Proprietary Code CVE | Description | CVSS Base Score | CVSS Vector String |
| CVE-2021-21507 | Dell Networking X-Series firmware versions prior to 3.0.1.8 and Dell PowerEdge VRTX firmware versions prior to 2.0.0.82 contain a Weak Password Encryption Vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable system with privileges of the compromised account. | 8.8 | CVSS:3.1(AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) |
For information regarding the VRTX remediation, see KB article 185252: DSA-2020-080: Dell PowerEdge VRTX Security Update for a Weak Password Encryption Vulnerability
Dotknuté produkty a riešenie problému
| CVE Addressed | Product | Affected Version | Updated Version | Link to Update |
| CVE-2021-21507 | Dell Networking X-Series firmware | Versions prior to 3.0.1.2 |
3.0.1.8 | Link to X1000 Update Link to X4012 Update |
| CVE Addressed | Product | Affected Version | Updated Version | Link to Update |
| CVE-2021-21507 | Dell Networking X-Series firmware | Versions prior to 3.0.1.2 |
3.0.1.8 | Link to X1000 Update Link to X4012 Update |
História revízií
| Revision | Date | Description |
| 1.0 | 2021-04-14 | Initial Release |
| 1.1 | 2021-06-09 | Acknowledgement Update |
Potvrdenia
Dell Technologies would like to thank Ken Pyle for his contributions.
Súvisiace informácie
Legal Disclaimer
Dotknuté produkty
X SeriesProdukty
Networking, Product Security InformationVlastnosti článku
Číslo článku: 000185250
Typ článku: Dell Security Advisory
Dátum poslednej úpravy: 18 sep 2025
Nájdite odpovede na svoje otázky od ostatných používateľov spoločnosti Dell
Služby podpory
Skontrolujte, či sa na vaše zariadenie vzťahujú služby podpory.