CVE-2021-36339
First published: Fri Jan 21 2022(Updated: )
The Dell EMC Virtual Appliances before 9.2.2.2 contain undocumented user accounts. A local malicious user may potentially exploit this vulnerability to get privileged access to the virtual appliance.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dell Solutions Enabler | <9.1.0.18 | |
| Dell Solutions Enabler | >=9.2.0.0<9.2.3.0 | |
| Dell Solutions Enabler Virtual Appliance | <9.1.0.18 | |
| Dell Solutions Enabler Virtual Appliance | >=9.2.0.0<9.2.3.0 | |
| Dell Unisphere 360 | <9.1.0.29 | |
| Dell Unisphere 360 | >=9.2.0.0<9.2.3.3 | |
| Dell Unisphere for PowerMax | <9.1.0.31 | |
| Dell Unisphere for PowerMax | >=9.2.0.0<9.2.3.4 | |
| Dell Unisphere For Powermax Virtual Appliance | <9.1.0.31 | |
| Dell Unisphere For Powermax Virtual Appliance | >=9.2.0.0<9.2.3.4 | |
| Dell Vasa | <9.1.0.723 | |
| Dell Vasa | >=9.2.0.0<9.2.3.0 | |
| Dell Powermax Os | =5978 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-36339?
CVE-2021-36339 is a vulnerability found in Dell EMC Virtual Appliances that allows local malicious users to gain privileged access.
Which software versions are affected by CVE-2021-36339?
Affected software versions include Dell Solutions Enabler (up to 9.1.0.18 and 9.2.0.0 to 9.2.3.0), Dell Solutions Enabler Virtual Appliance (up to 9.1.0.18 and 9.2.0.0 to 9.2.3.0), Dell Unisphere 360 (up to 9.1.0.29 and 9.2.0.0 to 9.2.3.3), Dell Unisphere for PowerMax (up to 9.1.0.31 and 9.2.0.0 to 9.2.3.4), Dell Unisphere For Powermax Virtual Appliance (up to 9.1.0.31 and 9.2.0.0 to 9.2.3.4), and Dell Vasa (up to 9.1.0.723 and 9.2.0.0 to 9.2.3.0).
What is the severity of CVE-2021-36339?
CVE-2021-36339 has a severity rating of 7.8 (high).
How can a local malicious user exploit CVE-2021-36339?
A local malicious user can exploit CVE-2021-36339 to gain privileged access to the Dell EMC Virtual Appliance.
Where can I find more information about CVE-2021-36339?
You can find more information about CVE-2021-36339 on the Dell support website at https://www.dell.com/support/kbdoc/000194640.
- collector/nvd-index
- agent/weakness
- agent/type
- agent/severity
- agent/author
- agent/references
- agent/event
- agent/description
- agent/remedy
- agent/softwarecombine
- agent/tags
- agent/first-publish-date
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/dell
- canonical/dell solutions enabler
- version/dell solutions enabler/9.2.0.0
- canonical/dell solutions enabler virtual appliance
- version/dell solutions enabler virtual appliance/9.2.0.0
- canonical/dell unisphere 360
- version/dell unisphere 360/9.2.0.0
- canonical/dell unisphere for powermax
- version/dell unisphere for powermax/9.2.0.0
- canonical/dell unisphere for powermax virtual appliance
- version/dell unisphere for powermax virtual appliance/9.2.0.0
- canonical/dell vasa
- version/dell vasa/9.2.0.0
- canonical/dell powermax os
- version/dell powermax os/5978