CVE-2021-36320
First published: Wed Nov 03 2021(Updated: )
Dell Networking X-Series firmware versions prior to 3.0.1.8 contain an authentication bypass vulnerability. A remote unauthenticated attacker may potentially hijack a session and access the webserver by forging the session ID.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dell X1008p Firmware | <3.0.1.8 | |
| Dell X1008p | ||
| Dell X1018p Firmware | <3.0.1.8 | |
| Dell X1018p | ||
| Dell X1026p Firmware | <3.0.1.8 | |
| Dell X1026p | ||
| Dell X1052p Firmware | <3.0.1.8 | |
| Dell X1052p | ||
| Dell X4012 Firmware | <3.0.1.8 | |
| Dell X4012 | ||
| Dell X1008 Firmware | <3.0.1.8 | |
| Dell X1008 | ||
| Dell X1018 Firmware | <3.0.1.8 | |
| Dell X1018 | ||
| Dell X1026 Firmware | <3.0.1.8 | |
| Dell X1026 | ||
| Dell X1052 Firmware | <3.0.1.8 | |
| Dell X1052 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2021-36320?
CVE-2021-36320 is a vulnerability in Dell Networking X-Series firmware versions prior to 3.0.1.8 that allows for authentication bypass.
How severe is CVE-2021-36320?
CVE-2021-36320 is classified as a critical vulnerability with a severity score of 9.8.
How can an attacker exploit CVE-2021-36320?
A remote unauthenticated attacker can exploit CVE-2021-36320 by hijacking a session and accessing the webserver by forging the session ID.
Which Dell networking products are affected by CVE-2021-36320?
Dell X1008p, Dell X1018p, Dell X1026p, Dell X1052p, Dell X4012, Dell X1008, Dell X1018, Dell X1026, and Dell X1052 with firmware versions prior to 3.0.1.8 are affected by CVE-2021-36320.
How can I fix CVE-2021-36320?
To fix CVE-2021-36320, it is recommended to update your Dell Networking X-Series firmware to version 3.0.1.8 or later.
- collector/nvd-index
- agent/severity
- agent/author
- agent/references
- agent/weakness
- agent/type
- agent/event
- agent/description
- agent/tags
- agent/softwarecombine
- agent/first-publish-date
- agent/remedy
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/dell
- canonical/dell x1008p firmware
- canonical/dell x1008p
- canonical/dell x1018p firmware
- canonical/dell x1018p
- canonical/dell x1026p firmware
- canonical/dell x1026p
- canonical/dell x1052p firmware
- canonical/dell x1052p
- canonical/dell x4012 firmware
- canonical/dell x4012
- canonical/dell x1008 firmware
- canonical/dell x1008
- canonical/dell x1018 firmware
- canonical/dell x1018
- canonical/dell x1026 firmware
- canonical/dell x1026
- canonical/dell x1052 firmware
- canonical/dell x1052