Medium - CVE-2021-36332 - Dell EMC CloudLink 7.1 and all prior versions...

Nov 27, 2021 10:00 am Cyber Security 363

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
Name
CVE-2021-36332
First vendor Publication
2021-11-23
Vendor
Cve
Last vendor Modification
2021-11-27

Security-Database Scoring CVSS v3


Cvss vector : CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Overall CVSS Score
5.4

Base Score
5.4
Environmental Score
5.4
impact SubScore
2.7
Temporal Score
5.4
Exploitabality Sub Score
2.3

 
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Changed
Confidentiality Impact
Low
Integrity Impact
Low
Availability Impact
None
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2


Cvss vector : (AV:N/AC:M/Au:S/C:P/I:P/A:N)
Cvss Base Score
4.9
Attack Range
Network
Cvss Impact Score
4.9
Attack Complexity
Medium
Cvss Expoit Score
6.8
Authentication
Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail




Dell EMC CloudLink 7.1 and all prior versions contain a HTML and Javascript Injection Vulnerability. A remote low privileged attacker, may potentially exploit this vulnerability, directing end user to arbitrary and potentially malicious websites.




Original Source


Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36332

CWE : Common Weakness Enumeration


%
Id
N ..

Support the originator by clicking the read the rest link below.
medium 36332 cloudlink prior versions
Read The Rest from the original source
security-database.com

Related News

Be in Touch

All Rights Reserved #1 Source for Cyber Security News, Reports and Threat Intelligence
Powered By The Internet!!!!