Vulnerability Details CVE-2021-36307
Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contains a privilege escalation vulnerability. A malicious low privileged user with specific access to the API could potentially exploit this vulnerability to gain admin privileges on the affected system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.0%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 8.5
References
Products affected by CVE-2021-36307
-
cpe:2.3:o:dell:networking_os10:*
-
cpe:2.3:o:dell:networking_os10:10.3.2-r2
-
cpe:2.3:o:dell:networking_os10:10.4.0-r3s
-
cpe:2.3:o:dell:networking_os10:10.4.1.4
-
cpe:2.3:o:dell:networking_os10:10.4.2.1
-
cpe:2.3:o:dell:networking_os10:10.4.3.0
-
cpe:2.3:o:dell:networking_os10:10.5.2.0