| |
Vulnerability CVE-2021-21522
Published: 2021-09-28
| Description: |
Dell BIOS contains a Credentials Management issue. A local authenticated malicious user may potentially exploit this vulnerability to gain access to sensitive information on an NVMe storage by resetting the BIOS password on the system via the Manageability Interface. |
Type:
CWE-522 (Insufficiently Protected Credentials)
CVSS2 => (AV:L/AC:L/Au:N/C:P/I:N/A:N)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
2.1/10 |
2.9/10 |
3.9/10 |
| Exploit range |
Attack complexity |
Authentication |
Local |
Low |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
None |
None |
References: |
https://www.dell.com/support/kbdoc/000191495
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
