CVE-2021-21508
MEDIUMDell VxRail < 7.0.200 - Insertion of Sensitive Information into Log File
Title source: ruleDescription
Dell VxRail versions before 7.0.200 contain a Plain-text Password Storage Vulnerability in VxRail Manager. A sys-admin user may exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
https://dellservices.lightning.force.com/lightning/r/Lightning_Knowledge__kav/ka0Do000000m7VwIAI/view
Scores
CVSS v3
6.7
EPSS
0.0001
EPSS Percentile
1.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-532
Status
published
Products (1)
Dell/VxRail
< 7.0.200
Published
May 22, 2026
Tracked Since
May 22, 2026