All the vulnerabilites related to dell - latitude_5289_2-in-1
cve-2021-21522
Vulnerability from cvelistv5
Published
2021-09-28 19:20
Modified
2024-09-17 03:23
Severity ?
EPSS score ?
Summary
Dell BIOS contains a Credentials Management issue. A local authenticated malicious user may potentially exploit this vulnerability to gain access to sensitive information on an NVMe storage by resetting the BIOS password on the system via the Manageability Interface.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.dell.com/support/kbdoc/000191495 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:16:23.008Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/000191495"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CPG BIOS",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.13.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Dell BIOS contains a Credentials Management issue. A local authenticated malicious user may potentially exploit this vulnerability to gain access to sensitive information on an NVMe storage by resetting the BIOS password on the system via the Manageability Interface."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-255",
"description": "CWE-255: Credentials Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-28T19:20:18",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/kbdoc/000191495"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2021-09-16",
"ID": "CVE-2021-21522",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CPG BIOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.13.0"
}
]
}
}
]
},
"vendor_name": "Dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dell BIOS contains a Credentials Management issue. A local authenticated malicious user may potentially exploit this vulnerability to gain access to sensitive information on an NVMe storage by resetting the BIOS password on the system via the Manageability Interface."
}
]
},
"impact": {
"cvss": {
"baseScore": 8.2,
"baseSeverity": "High",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-255: Credentials Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.dell.com/support/kbdoc/000191495",
"refsource": "MISC",
"url": "https://www.dell.com/support/kbdoc/000191495"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2021-21522",
"datePublished": "2021-09-28T19:20:18.180798Z",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-09-17T03:23:12.635Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2021-09-28 20:15
Modified
2024-11-21 05:48
Severity ?
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
Dell BIOS contains a Credentials Management issue. A local authenticated malicious user may potentially exploit this vulnerability to gain access to sensitive information on an NVMe storage by resetting the BIOS password on the system via the Manageability Interface.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security_alert@emc.com | https://www.dell.com/support/kbdoc/000191495 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.dell.com/support/kbdoc/000191495 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:latitude_5285_2-in-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "686A4B01-36E4-47F6-9071-C0B80B2FC8FB",
"versionEndExcluding": "1.13.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:latitude_5285_2-in-1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97FC59FC-A909-4C92-8C50-4AA00A909507",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:latitude_5289_2-in-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B1E1EEC-EFC3-4898-8D3E-B144C1E66D5D",
"versionEndExcluding": "1.23.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:latitude_5289_2-in-1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE0F2BAA-BCBD-4DA0-A68C-5E3F30B7A271",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:latitude_5310_2-in-1_firmware:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4B3950E-9847-40E7-BED4-E0FA2094232B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:latitude_5310_2-in-1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5EA2D37-C540-4707-A1F0-6CAB51C6E276",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:latitude_5290_2-in-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A79606E0-2F13-43A1-A963-3BEDAA23AAEE",
"versionEndExcluding": "1.16.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:latitude_5290_2-in-1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62AA0342-2273-49F4-95F2-5F28F628761B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:latitude_7210_2-in-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FEEA091-4CFA-4E98-88A9-2A4090572EEF",
"versionEndExcluding": "1.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:latitude_7210_2-in-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E37D006F-587F-4D6C-B382-1552C15FF360",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:latitude_7212_rugged_extreme_tablet_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "438527CB-7BD2-486A-AF38-78E34D11258C",
"versionEndExcluding": "1.33.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:latitude_7212_rugged_extreme_tablet_firmware:1.33.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE337A91-47C1-4316-8E7C-D443CDCBFE87",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:latitude_7212_rugged_extreme_tablet:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D63A20A1-663E-4DF6-AEEF-CCD48418B4F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:latitude_7280_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC8923D-C494-44F5-98DD-EE926ED741B9",
"versionEndExcluding": "1.21.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:latitude_7280_firmware:1.21.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0FEE41B2-0B67-4DEA-8445-BDDB786EB73E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:latitude_7280:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5D3133-9388-49CF-A85D-2247A4DD9C4C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:latitude_7290_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62F52B6E-7791-41D1-A2F3-9EF0B8E8FF4E",
"versionEndExcluding": "1.20.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:latitude_7290_firmware:1.20.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA86A522-E1A1-47B7-9AAC-DA1C5AE62A83",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:latitude_7290:-:*:*:*:*:*:*:*",
"matchCriteriaId": "359A2878-C996-4FD2-9AB6-B33531E2F630",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:latitude_7285_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6790E2D8-4D94-4DC3-9D86-69BE4F2F8CF6",
"versionEndExcluding": "1.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:latitude_7285_firmware:1.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A30BBC4D-3547-4A09-AFAF-3151E8E54E55",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:latitude_7285:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F15F433-B614-402F-90AC-805AFA0FA340",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:latitude_7370_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4975A36F-4855-4F5C-B7EC-305590AFE6BD",
"versionEndExcluding": "1.24.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:latitude_7370_firmware:1.24.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FD7425DC-A4E9-47E8-90BC-C7840E2B90B7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:latitude_7370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82234546-AF33-45FC-BF50-2AA8FD38A5A1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:latitude_7310_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5F63B7A-B704-4800-8983-52FABE96FD5F",
"versionEndExcluding": "1.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:latitude_7310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFEDD8F7-2EF0-4A6F-9F51-60100D317BF8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:latitude_7380_firmware:1.21.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0F03B20F-1719-4CDE-8EBA-4CBE13669720",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:latitude_7380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1786B67-E621-4B2B-848A-B0F442719E94",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:latitude_7389_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "310B2EF0-4822-4D6E-93AE-1167B4B32E51",
"versionEndExcluding": "1.23.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:latitude_7389:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0952C9F6-0AB7-4DEA-B6AA-76159A2F7C42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:latitude_7390_firmware:1.20.0:*:*:*:*:*:*:*",
"matchCriteriaId": "122F6BAE-0EDE-49EA-ABED-AFA0B2783D69",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:latitude_7390:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D8C3716-4E1C-4D32-BC94-81D7FB838FFC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:latitude_7410_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "489006EE-91B1-4A29-82FC-71F948C8F4D5",
"versionEndExcluding": "1.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:latitude_7410:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D3B023F-99A9-49EF-90F9-13D83CA69293",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:latitude_7390_2-in-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0A80B44-3BD5-466C-A6C1-333E61E0D9B4",
"versionEndExcluding": "1.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:latitude_7390_2-in-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C127AF83-FC01-4774-9ADC-7DFA02C8237B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:latitude_7420_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "45F41BDC-91C7-4E76-B3D4-9EDAA6B6A5DB",
"versionEndExcluding": "1.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:latitude_7420:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B9C08D4-AA20-4EB9-8FDF-615E60BA3B88",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:latitude_7480_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2AC7636-8A86-49BD-837D-EB8363F7B551",
"versionEndExcluding": "1.21.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:latitude_7480:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA90466D-6AE9-4030-ACFF-033E75A39CBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:latitude_7490_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82AE84E5-D854-4222-B54C-EDE3F09465F6",
"versionEndExcluding": "1.20.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:latitude_7490:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26AD9A87-7D62-4566-A1B8-E843176E2E38",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:latitude_9410_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C74D109A-2D68-4AA4-868F-A97D5B02F719",
"versionEndExcluding": "1.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:latitude_9410:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE3F01FD-FC66-4DA7-A041-976B0AFA370A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:latitude_9510_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97BB1F59-A83F-49D5-8B33-7D14B1CAF49A",
"versionEndExcluding": "1.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:latitude_9510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A3C6284-3A69-4388-842C-6AC3CD3A7706",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:precision_3640_tower_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E072F027-08F7-42CA-AA54-F354CF66D09B",
"versionEndExcluding": "1.6.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:precision_3640_tower:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02ABB4CF-0B99-4348-82C9-328B1E7506E8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:precision_5520_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05BF69BB-400F-4CD7-B81B-2364CF184B7F",
"versionEndExcluding": "1.23.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:precision_5520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBBFE522-7630-4BED-9B2C-2AC12CA693DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:precision_5510_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C14A0E0-ACF0-487A-8253-1A848CF7171B",
"versionEndExcluding": "1.17.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:precision_5510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE40F051-53DE-451C-ABFC-2695771A96DF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:precision_5530_2-in-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B26CFEE6-91EF-4267-8692-7767ADAE2BCC",
"versionEndExcluding": "1.14.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:precision_5530_2-in-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30622F6E-2F6D-482B-AA1E-65DA4A4B1679",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:xps_13_9360_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "717140CF-2F38-440B-A855-74E4CA3EE827",
"versionEndExcluding": "2.16.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:xps_13_9360:-:*:*:*:*:*:*:*",
"matchCriteriaId": "573AF858-3312-4470-AC6B-72E466C93859",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:xps_13_9370_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E61E1FC-4E3F-44D7-AB2C-29F70E724639",
"versionEndExcluding": "1.15.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:xps_13_9370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "353FAC21-3AC5-4563-BEE7-7C5DCB1C7C76",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:xps_15_9575_2-in-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69AFDBB7-EE07-4D89-8FB8-E1A939DC88D6",
"versionEndExcluding": "1.16.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:xps_15_9575_2-in-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "129C0F2A-F75C-4C60-9A6C-63B96AF08CDD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dell BIOS contains a Credentials Management issue. A local authenticated malicious user may potentially exploit this vulnerability to gain access to sensitive information on an NVMe storage by resetting the BIOS password on the system via the Manageability Interface."
},
{
"lang": "es",
"value": "Dell BIOS contiene un problema de Administraci\u00f3n de Credenciales. Un usuario malicioso autenticado localmente puede explotar potencialmente esta vulnerabilidad para conseguir acceso a informaci\u00f3n confidencial en un almacenamiento NVMe al restablecer la contrase\u00f1a del BIOS en el sistema por medio de la interfaz de administraci\u00f3n"
}
],
"id": "CVE-2021-21522",
"lastModified": "2024-11-21T05:48:31.210",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"source": "security_alert@emc.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-28T20:15:07.397",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.dell.com/support/kbdoc/000191495"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.dell.com/support/kbdoc/000191495"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-255"
}
],
"source": "security_alert@emc.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}