Lucene search

DellCVELIST:CVE-2021-36333

HistoryNov 23, 2021 - 8:00 p.m.

CVE-2021-36333

2021-11-2320:00:43

CWE-120

dell

www.cve.org

dell emc cloudlink

buffer overflow

vulnerability

application crash

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.7

Confidence

High

EPSS

Percentile

5.1%

JSON

Dell EMC CloudLink 7.1 and all prior versions contain a Buffer Overflow Vulnerability. A local low privileged attacker, may potentially exploit this vulnerability, leading to an application crash.

CNA Affected

[
  {
    "product": "CloudLink",
    "vendor": "Dell",
    "versions": [
      {
        "lessThan": "7.1.1",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

www.dell.com/support/kbdoc/en-us/000193031/https-dellservices-lightning-force-com-one-one-apphttps://www.dell.com/support/kbdoc/en-us/000193031/https-dellservices-lightning-force-com-one-one-app

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.7

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVELIST:CVE-2021-36333