FKIE_CVE-2021-21522

Vulnerability from fkie_nvd - Published: 2021-09-28 20:15 - Updated: 2024-11-21 05:48
Severity ?
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
Dell BIOS contains a Credentials Management issue. A local authenticated malicious user may potentially exploit this vulnerability to gain access to sensitive information on an NVMe storage by resetting the BIOS password on the system via the Manageability Interface.
References
security_alert@emc.comhttps://www.dell.com/support/kbdoc/000191495Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.dell.com/support/kbdoc/000191495Vendor Advisory
Impacted products
Vendor Product Version
dell latitude_5285_2-in-1_firmware *
dell latitude_5285_2-in-1 *
dell latitude_5289_2-in-1_firmware *
dell latitude_5289_2-in-1 *
dell latitude_5310_2-in-1_firmware 1.7.0
dell latitude_5310_2-in-1 *
dell latitude_5290_2-in-1_firmware *
dell latitude_5290_2-in-1 *
dell latitude_7210_2-in-1_firmware *
dell latitude_7210_2-in-1 -
dell latitude_7212_rugged_extreme_tablet_firmware *
dell latitude_7212_rugged_extreme_tablet_firmware 1.33.0
dell latitude_7212_rugged_extreme_tablet -
dell latitude_7280_firmware *
dell latitude_7280_firmware 1.21.1
dell latitude_7280 -
dell latitude_7290_firmware *
dell latitude_7290_firmware 1.20.0
dell latitude_7290 -
dell latitude_7285_firmware *
dell latitude_7285_firmware 1.11.0
dell latitude_7285 -
dell latitude_7370_firmware *
dell latitude_7370_firmware 1.24.3
dell latitude_7370 -
dell latitude_7310_firmware *
dell latitude_7310 -
dell latitude_7380_firmware 1.21.1
dell latitude_7380 -
dell latitude_7389_firmware *
dell latitude_7389 -
dell latitude_7390_firmware 1.20.0
dell latitude_7390 -
dell latitude_7410_firmware *
dell latitude_7410 -
dell latitude_7390_2-in-1_firmware *
dell latitude_7390_2-in-1 -
dell latitude_7420_firmware *
dell latitude_7420 -
dell latitude_7480_firmware *
dell latitude_7480 -
dell latitude_7490_firmware *
dell latitude_7490 -
dell latitude_9410_firmware *
dell latitude_9410 -
dell latitude_9510_firmware *
dell latitude_9510 -
dell precision_3640_tower_firmware *
dell precision_3640_tower -
dell precision_5520_firmware *
dell precision_5520 -
dell precision_5510_firmware *
dell precision_5510 -
dell precision_5530_2-in-1_firmware *
dell precision_5530_2-in-1 -
dell xps_13_9360_firmware *
dell xps_13_9360 -
dell xps_13_9370_firmware *
dell xps_13_9370 -
dell xps_15_9575_2-in-1_firmware *
dell xps_15_9575_2-in-1 -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:latitude_5285_2-in-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "686A4B01-36E4-47F6-9071-C0B80B2FC8FB",
              "versionEndExcluding": "1.13.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:latitude_5285_2-in-1:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "97FC59FC-A909-4C92-8C50-4AA00A909507",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:latitude_5289_2-in-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B1E1EEC-EFC3-4898-8D3E-B144C1E66D5D",
              "versionEndExcluding": "1.23.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:latitude_5289_2-in-1:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE0F2BAA-BCBD-4DA0-A68C-5E3F30B7A271",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:latitude_5310_2-in-1_firmware:1.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4B3950E-9847-40E7-BED4-E0FA2094232B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:latitude_5310_2-in-1:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5EA2D37-C540-4707-A1F0-6CAB51C6E276",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:latitude_5290_2-in-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A79606E0-2F13-43A1-A963-3BEDAA23AAEE",
              "versionEndExcluding": "1.16.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:latitude_5290_2-in-1:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "62AA0342-2273-49F4-95F2-5F28F628761B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:latitude_7210_2-in-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FEEA091-4CFA-4E98-88A9-2A4090572EEF",
              "versionEndExcluding": "1.7.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:latitude_7210_2-in-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E37D006F-587F-4D6C-B382-1552C15FF360",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:latitude_7212_rugged_extreme_tablet_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "438527CB-7BD2-486A-AF38-78E34D11258C",
              "versionEndExcluding": "1.33.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:dell:latitude_7212_rugged_extreme_tablet_firmware:1.33.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE337A91-47C1-4316-8E7C-D443CDCBFE87",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:latitude_7212_rugged_extreme_tablet:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63A20A1-663E-4DF6-AEEF-CCD48418B4F2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:latitude_7280_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BC8923D-C494-44F5-98DD-EE926ED741B9",
              "versionEndExcluding": "1.21.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:dell:latitude_7280_firmware:1.21.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FEE41B2-0B67-4DEA-8445-BDDB786EB73E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:latitude_7280:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5D3133-9388-49CF-A85D-2247A4DD9C4C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:latitude_7290_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "62F52B6E-7791-41D1-A2F3-9EF0B8E8FF4E",
              "versionEndExcluding": "1.20.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:dell:latitude_7290_firmware:1.20.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA86A522-E1A1-47B7-9AAC-DA1C5AE62A83",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:latitude_7290:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "359A2878-C996-4FD2-9AB6-B33531E2F630",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:latitude_7285_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6790E2D8-4D94-4DC3-9D86-69BE4F2F8CF6",
              "versionEndExcluding": "1.11.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:dell:latitude_7285_firmware:1.11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A30BBC4D-3547-4A09-AFAF-3151E8E54E55",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:latitude_7285:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F15F433-B614-402F-90AC-805AFA0FA340",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:latitude_7370_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4975A36F-4855-4F5C-B7EC-305590AFE6BD",
              "versionEndExcluding": "1.24.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:dell:latitude_7370_firmware:1.24.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD7425DC-A4E9-47E8-90BC-C7840E2B90B7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:latitude_7370:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "82234546-AF33-45FC-BF50-2AA8FD38A5A1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:latitude_7310_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5F63B7A-B704-4800-8983-52FABE96FD5F",
              "versionEndExcluding": "1.7.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:latitude_7310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFEDD8F7-2EF0-4A6F-9F51-60100D317BF8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:latitude_7380_firmware:1.21.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F03B20F-1719-4CDE-8EBA-4CBE13669720",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:latitude_7380:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1786B67-E621-4B2B-848A-B0F442719E94",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:latitude_7389_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "310B2EF0-4822-4D6E-93AE-1167B4B32E51",
              "versionEndExcluding": "1.23.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:latitude_7389:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0952C9F6-0AB7-4DEA-B6AA-76159A2F7C42",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:latitude_7390_firmware:1.20.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "122F6BAE-0EDE-49EA-ABED-AFA0B2783D69",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:latitude_7390:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D8C3716-4E1C-4D32-BC94-81D7FB838FFC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:latitude_7410_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "489006EE-91B1-4A29-82FC-71F948C8F4D5",
              "versionEndExcluding": "1.7.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:latitude_7410:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D3B023F-99A9-49EF-90F9-13D83CA69293",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:latitude_7390_2-in-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0A80B44-3BD5-466C-A6C1-333E61E0D9B4",
              "versionEndExcluding": "1.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:latitude_7390_2-in-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C127AF83-FC01-4774-9ADC-7DFA02C8237B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:latitude_7420_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "45F41BDC-91C7-4E76-B3D4-9EDAA6B6A5DB",
              "versionEndExcluding": "1.7.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:latitude_7420:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B9C08D4-AA20-4EB9-8FDF-615E60BA3B88",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:latitude_7480_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2AC7636-8A86-49BD-837D-EB8363F7B551",
              "versionEndExcluding": "1.21.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:latitude_7480:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA90466D-6AE9-4030-ACFF-033E75A39CBD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:latitude_7490_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "82AE84E5-D854-4222-B54C-EDE3F09465F6",
              "versionEndExcluding": "1.20.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:latitude_7490:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "26AD9A87-7D62-4566-A1B8-E843176E2E38",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:latitude_9410_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C74D109A-2D68-4AA4-868F-A97D5B02F719",
              "versionEndExcluding": "1.7.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:latitude_9410:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE3F01FD-FC66-4DA7-A041-976B0AFA370A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:latitude_9510_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "97BB1F59-A83F-49D5-8B33-7D14B1CAF49A",
              "versionEndExcluding": "1.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:latitude_9510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A3C6284-3A69-4388-842C-6AC3CD3A7706",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:precision_3640_tower_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E072F027-08F7-42CA-AA54-F354CF66D09B",
              "versionEndExcluding": "1.6.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:precision_3640_tower:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "02ABB4CF-0B99-4348-82C9-328B1E7506E8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:precision_5520_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "05BF69BB-400F-4CD7-B81B-2364CF184B7F",
              "versionEndExcluding": "1.23.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:precision_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBBFE522-7630-4BED-9B2C-2AC12CA693DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:precision_5510_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C14A0E0-ACF0-487A-8253-1A848CF7171B",
              "versionEndExcluding": "1.17.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:precision_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE40F051-53DE-451C-ABFC-2695771A96DF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:precision_5530_2-in-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B26CFEE6-91EF-4267-8692-7767ADAE2BCC",
              "versionEndExcluding": "1.14.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:precision_5530_2-in-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "30622F6E-2F6D-482B-AA1E-65DA4A4B1679",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:xps_13_9360_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "717140CF-2F38-440B-A855-74E4CA3EE827",
              "versionEndExcluding": "2.16.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:xps_13_9360:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "573AF858-3312-4470-AC6B-72E466C93859",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:xps_13_9370_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E61E1FC-4E3F-44D7-AB2C-29F70E724639",
              "versionEndExcluding": "1.15.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:xps_13_9370:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "353FAC21-3AC5-4563-BEE7-7C5DCB1C7C76",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:xps_15_9575_2-in-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "69AFDBB7-EE07-4D89-8FB8-E1A939DC88D6",
              "versionEndExcluding": "1.16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:xps_15_9575_2-in-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "129C0F2A-F75C-4C60-9A6C-63B96AF08CDD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Dell BIOS contains a Credentials Management issue. A local authenticated malicious user may potentially exploit this vulnerability to gain access to sensitive information on an NVMe storage by resetting the BIOS password on the system via the Manageability Interface."
    },
    {
      "lang": "es",
      "value": "Dell BIOS contiene un problema de Administraci\u00f3n de Credenciales. Un usuario malicioso autenticado localmente puede explotar potencialmente esta vulnerabilidad para conseguir acceso a informaci\u00f3n confidencial en un almacenamiento NVMe al restablecer la contrase\u00f1a del BIOS en el sistema por medio de la interfaz de administraci\u00f3n"
    }
  ],
  "id": "CVE-2021-21522",
  "lastModified": "2024-11-21T05:48:31.210",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 6.0,
        "source": "security_alert@emc.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-09-28T20:15:07.397",
  "references": [
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.dell.com/support/kbdoc/000191495"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.dell.com/support/kbdoc/000191495"
    }
  ],
  "sourceIdentifier": "security_alert@emc.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-255"
        }
      ],
      "source": "security_alert@emc.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.