CVE-2021-36327 MEDIUM

CVE-2021-36327

Vendor Dell
Product Dell EMC Streaming Data Platform
Weakness CWE-918 · SSRF
Published November 30, 2021
Last update September 16, 2024

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

Dell EMC Streaming Data Platform versions before 1.3 contain a Server Side Request Forgery Vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to perform port scanning of internal networks and make HTTP requests to an arbitrary domain of the attacker's choice.

Key dates

02Disclosure timeline

November 30, 2021 CVE published
September 16, 2024 Record updated