CVE-2021-36338

MEDIUM

Unisphere for PowerMax <9.2.2.2 - Privilege Escalation

Title source: llm

Description

Unisphere for PowerMax versions prior to 9.2.2.2 contains a privilege escalation vulnerability. An adjacent malicious user could potentially exploit this vulnerability to escalate their privileges and access functionalities they do not have access to. CVE-2022-31233 addresses the partial fix in CVE-2021-36338.

References (1)

[Patch, Vendor Advisory] https://www.dell.com/support/kbdoc/000194640

Scores

CVSS v3 6.3

EPSS 0.0008

EPSS Percentile 22.7%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N

Details

CWE

CWE-602 CWE-565

Status published

Products (7)

dell/powermax_os 5978

dell/solutions_enabler < 9.1.0.18

dell/solutions_enabler_virtual_appliance < 9.1.0.18

dell/unisphere_360 < 9.1.0.29

dell/unisphere_for_powermax < 9.1.0.31

dell/unisphere_for_powermax_virtual_appliance < 9.1.0.31

dell/vasa < 9.1.0.723

Published Jan 21, 2022

Tracked Since Feb 18, 2026