CVE-2021-36319
EUVD-2021-2293920.11.2021, 02:15
Dell Networking OS10 versions 10.4.3.x, 10.5.0.x and 10.5.1.x contain an information exposure vulnerability. A low privileged authenticated malicious user can gain access to SNMP authentication failure messages.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| dell | networking_os10 | 𝑥 < 10.4.3.8 |
| dell | networking_os10 | 10.5.0.0 ≤ 𝑥 < 10.5.0.10 |
| dell | networking_os10 | 10.5.1.0 ≤ 𝑥 < 10.5.1.10 |
| dell | networking_os10 | 10.5.2.0 ≤ 𝑥 < 10.5.2.8 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-665 - Improper InitializationThe software does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.
- CWE-668 - Exposure of Resource to Wrong SphereThe product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.