What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2021-36322.

What is the severity level of CVE-2021-36322?

CVE-2021-36322 has a severity level of 6.1 (medium).

Which Dell Networking X-Series firmware versions are affected by CVE-2021-36322?

Dell Networking X-Series firmware versions prior to 3.0.1.8 are affected by CVE-2021-36322.

How can a remote unauthenticated attacker exploit CVE-2021-36322?

A remote unauthenticated attacker may potentially exploit CVE-2021-36322 by injecting arbitrary host header values to poison the web-cache or trigger redirections.

How can I fix CVE-2021-36322?

To fix CVE-2021-36322, it is recommended to update the Dell Networking X-Series firmware to version 3.0.1.8 or later.

Vulnerability/
CVE-2021-36322

medium

6.1

CWE

74 20

20/11/2021

17/9/2024

CVE-2021-36322: Input Validation

First published: Sat Nov 20 2021(Updated: )

Dell Networking X-Series firmware versions prior to 3.0.1.8 contain a host header injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary host header values to poison the web-cache or trigger redirections.

Credit: security_alert@emc.com

Affected Software	Affected Version	How to fix
Dell X1008p Firmware	<3.0.1.8
Dell X1008p
Dell X1018p Firmware	<3.0.1.8
Dell X1018p
Dell X1026p Firmware	<3.0.1.8
Dell X1026p
Dell X1052p Firmware	<3.0.1.8
Dell X1052p
Dell X4012 Firmware	<3.0.1.8
Dell X4012
Dell X1008 Firmware	<3.0.1.8
Dell X1008
Dell X1018 Firmware	<3.0.1.8
Dell X1018
Dell X1026 Firmware	<3.0.1.8
Dell X1026
Dell X1052 Firmware	<3.0.1.8
Dell X1052

Remedy

https://www.dell.com/support/kbdoc/en-us/000193230/dsa-2021-191-dell-networking-x-series-security-update-for-multiple-security-vulnerabilities

Never miss a vulnerability like this again

Reference Links

https://www.dell.com/support/kbdoc/en-us/000193230/dsa-2021-191-dell-networking-x-series-security-update-for-multiple-security-vulnerabilities

Frequently Asked Questions

What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2021-36322.
What is the severity level of CVE-2021-36322?
CVE-2021-36322 has a severity level of 6.1 (medium).
Which Dell Networking X-Series firmware versions are affected by CVE-2021-36322?
Dell Networking X-Series firmware versions prior to 3.0.1.8 are affected by CVE-2021-36322.
How can a remote unauthenticated attacker exploit CVE-2021-36322?
A remote unauthenticated attacker may potentially exploit CVE-2021-36322 by injecting arbitrary host header values to poison the web-cache or trigger redirections.
How can I fix CVE-2021-36322?
To fix CVE-2021-36322, it is recommended to update the Dell Networking X-Series firmware to version 3.0.1.8 or later.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.