CVE-2021-21507

HIGH

Dell EMC X-Series <3.0.1.8 & PowerEdge VRTX <2.0.0.82 - Info Disclo...

Title source: llm

Description

Dell EMC Networking X-Series firmware versions prior to 3.0.1.8 and Dell EMC PowerEdge VRTX Switch Module firmware versions prior to 2.0.0.82 contain a Weak Password Encryption Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable system with privileges of the compromised account.

References (1)

[Patch, Vendor Advisory] https://www.dell.com/support/kbdoc/000185252

Scores

CVSS v3 8.8

EPSS 0.0012

EPSS Percentile 30.0%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-326 CWE-261

Status published

Products (11)

dell/r1-2210_firmware < 2.0.0.82

dell/r1-2401_firmware < 2.0.0.82

dell/x1008_firmware < 3.0.1.8

dell/x1008p_firmware < 3.0.1.8

dell/x1018_firmware < 3.0.1.8

dell/x1018p_firmware < 3.0.1.8

dell/x1026_firmware < 3.0.1.8

dell/x1026p_firmware < 3.0.1.8

dell/x1052_firmware < 3.0.1.8

dell/x1052p_firmware < 3.0.1.8

... and 1 more

Published Apr 30, 2021

Tracked Since Feb 18, 2026