CVE-2021-43587
HIGHDell PowerPath Management Appliance - Info Disclosure
Title source: llmDescription
Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0, and 2.6, use hard-coded cryptographic key. A local high-privileged malicious user may potentially exploit this vulnerability to gain access to secrets and elevate to gain higher privileges.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://www.dell.com/support/kbdoc/en-us/000194083/dsa-2021-260
Scores
CVSS v3
8.2
EPSS
0.0003
EPSS Percentile
10.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Details
CWE
CWE-321
Status
published
Products (4)
dell/powerpath_management_appliance
2.6
dell/powerpath_management_appliance
3.0 (2 CPE variants)
dell/powerpath_management_appliance
3.1
dell/powerpath_management_appliance
3.2
Published
Dec 21, 2021
Tracked Since
Feb 18, 2026