What is the severity of CVE-2021-36295?

CVE-2021-36295 is considered to have a high severity due to its potential for remote code execution.

How do I fix CVE-2021-36295?

To resolve CVE-2021-36295, it is recommended to update the Dell VNX2 OE for File to version 8.1.21.267 or later.

Who is affected by CVE-2021-36295?

CVE-2021-36295 affects users of Dell VNX2 OE for File versions 8.1.21.266 and earlier.

What type of vulnerability is CVE-2021-36295?

CVE-2021-36295 is classified as an authenticated remote code execution vulnerability.

Can CVE-2021-36295 be exploited remotely?

Yes, CVE-2021-36295 can be exploited remotely by a malicious user with the required privileges.

Vulnerability/
CVE-2021-36295

critical

CWE

25/1/2022

17/9/2024

CVE-2021-36295: OS Command Injection

First published: Tue Jan 25 2022(Updated: )

Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authenticated remote code execution vulnerability. A remote malicious user with privileges may exploit this vulnerability to execute commands on the system.

Credit: security_alert@emc.com

Affected Software	Affected Version	How to fix
Dell EMC Unity XT Operating Environment	<=8.1.21.266
Dell VNX VG10
Dell VNX VG50
EMC VNX5200
Dell EMC VNX5400
EMC VNX5600
EMC VNX5800
Dell VNX7600
Dell VNX8000

Never miss a vulnerability like this again

Reference Links

https://www.dell.com/support/kbdoc/en-us/000191155/dsa-2021-164-dell-vnx2-control-station-security-update-for-multiple-vulnerabilities

Frequently Asked Questions

What is the severity of CVE-2021-36295?
CVE-2021-36295 is considered to have a high severity due to its potential for remote code execution.
How do I fix CVE-2021-36295?
To resolve CVE-2021-36295, it is recommended to update the Dell VNX2 OE for File to version 8.1.21.267 or later.
Who is affected by CVE-2021-36295?
CVE-2021-36295 affects users of Dell VNX2 OE for File versions 8.1.21.266 and earlier.
What type of vulnerability is CVE-2021-36295?
CVE-2021-36295 is classified as an authenticated remote code execution vulnerability.
Can CVE-2021-36295 be exploited remotely?
Yes, CVE-2021-36295 can be exploited remotely by a malicious user with the required privileges.

agent/type
agent/softwarecombine
agent/weakness
agent/author
agent/severity
agent/references
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/dell
canonical/dell emc unity xt operating environment
version/dell emc unity xt operating environment/8.1.21.266
canonical/dell vnx vg10
canonical/dell vnx vg50
canonical/emc vnx5200
canonical/dell emc vnx5400
canonical/emc vnx5600
canonical/emc vnx5800
canonical/dell vnx7600
canonical/dell vnx8000

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.