8.2
CVE-2021-21594
- EPSS 0.81%
- Veröffentlicht 16.08.2021 22:15:07
- Zuletzt bearbeitet 21.11.2024 05:48:39
- Quelle security_alert@emc.com
- CVE-Watchlists
- Unerledigt
Dell PowerScale OneFS versions 8.2.2 - 9.1.0.x contain a use of get request method with sensitive query strings vulnerability. It can lead to potential disclosure of sensitive data. Dell recommends upgrading at your earliest opportunity.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dell ≫ Emc Powerscale Onefs Version >= 9.0.0.0 <= 9.1.0
Dell ≫ Emc Powerscale Onefs Version8.2.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.81% | 0.52 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
| security_alert@emc.com | 8.2 | 3.9 | 4.2 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
|
CWE-598 Use of HTTP Request With Sensitive Query String
The web application uses an HTTP method to process a request, but the request includes sensitive information in the query string.
https://www.dell.com/support/kbdoc/000190408