Lucene search

DellCVELIST:CVE-2021-21529

HistoryMar 25, 2021 - 12:00 a.m.

CVE-2021-21529

2021-03-2500:00:00

CWE-400

dell

www.cve.org

3.8 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L

0.0004 Low

EPSS

Percentile

5.1%

JSON

Dell System Update (DSU) 1.9 and earlier versions contain a denial of service vulnerability. A local authenticated malicious user with low privileges may potentially exploit this vulnerability to cause the system to run out of memory by running multiple instances of the vulnerable application.

CNA Affected

[
  {
    "product": "DellEMC System Update - DSU",
    "vendor": "Dell",
    "versions": [
      {
        "lessThan": "DSU 1.9.1",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

www.dell.com/support/kbdoc/en-us/000184608/dsa-2021-059-dell-emc-system-update-dsu-security-update-for-denial-of-service-vulnerability

3.8 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVELIST:CVE-2021-21529