CVE-2021-21508 MEDIUM

CVE-2021-21508

Vendor Dell
Product VxRail
Weakness CWE-532 · Sensitive info in logs
Published May 22, 2026
Last update May 23, 2026

CVSS base score

6.7/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Dell VxRail versions before 7.0.200 contain a Plain-text Password Storage Vulnerability in VxRail Manager. A sys-admin user may exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

Key dates

02Disclosure timeline

May 22, 2026 CVE published
May 23, 2026 Record updated