CVE-2021-21526: OS Command Injection
First published: Tue Apr 20 2021(Updated: )
Dell PowerScale OneFS 8.1.0 - 9.1.0 contains a privilege escalation in SmartLock compliance mode that may allow compadmin to execute arbitrary commands as root.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dell PowerScale OneFS | >=8.1.0<=9.1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this Dell PowerScale OneFS vulnerability?
The vulnerability ID of this Dell PowerScale OneFS vulnerability is CVE-2021-21526.
What is the severity of the CVE-2021-21526 vulnerability?
The severity of the CVE-2021-21526 vulnerability is high with a CVSS score of 6.7.
What is the affected software of the CVE-2021-21526 vulnerability?
The affected software of the CVE-2021-21526 vulnerability is Dell PowerScale OneFS versions 8.1.0 to 9.1.0.
How does the CVE-2021-21526 vulnerability work?
The CVE-2021-21526 vulnerability allows compadmin to execute arbitrary commands as root in SmartLock compliance mode.
Is there a fix for the CVE-2021-21526 vulnerability?
Yes, Dell has released a fix for the CVE-2021-21526 vulnerability. Please refer to the Dell support website for more information.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/tags
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/dell
- canonical/dell powerscale onefs
- version/dell powerscale onefs/8.1.0
- version/dell powerscale onefs/9.1.0