Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-21524

Dell SRM versions prior to 4.5.0.1 and Dell SMR versions prior to 4.5.0.1 contain an Untrusted Deserialization Vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability, leading to arbitrary privileged code execution on the vulnerable application. The severity is Critical as this may lead to system compromise by unauthenticated attackers.

Published

2021-04-12T20:15:11.680

Last Modified

2024-11-21T05:48:31.380

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: COMPLETE
  • Integrity Impact: COMPLETE
  • Availability Impact: COMPLETE
Exploitability Score

10.0

Impact Score

10.0

Weaknesses
  • Type: Secondary
    CWE-502
  • Type: Primary
    CWE-502
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application dell storage_monitoring_and_reporting < 4.5.0.1 Yes
Application dell storage_resource_manager < 4.5.0.1 Yes
References