CVE-2021-43587 HIGH

CVE-2021-43587

Vendor Dell

Product PowerPath Management Appliance

Weakness CWE-321

Published December 21, 2021

Last update September 17, 2024

View on NVD All CVEs

CVSS base score

8.2/10

Attack vector Local

Attack complexity Low

Privileges required High

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0, and 2.6, use hard-coded cryptographic key. A local high-privileged malicious user may potentially exploit this vulnerability to gain access to secrets and elevate to gain higher privileges.

Key dates

02Disclosure timeline

December 21, 2021 CVE published

September 17, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-43587 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/321.html

Related vulnerabilities

Identifiers

CVE CVE-2021-43587

CWE CWE-321

CVSS 8.2 / HIGH

Affected versions