Vulnerability Details CVE-2021-36322
Dell Networking X-Series firmware versions prior to 3.0.1.8 contain a host header injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary host header values to poison the web-cache or trigger redirections.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.5%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 5.8
References
Products affected by CVE-2021-36322
-
cpe:2.3:h:dell:x1008:-
-
cpe:2.3:h:dell:x1008p:-
-
cpe:2.3:h:dell:x1018:-
-
cpe:2.3:h:dell:x1018p:-
-
cpe:2.3:h:dell:x1026:-
-
cpe:2.3:h:dell:x1026p:-
-
cpe:2.3:h:dell:x1052:-
-
cpe:2.3:h:dell:x1052p:-
-
cpe:2.3:h:dell:x4012:-
-
cpe:2.3:o:dell:x1008_firmware:*
-
cpe:2.3:o:dell:x1008p_firmware:*
-
cpe:2.3:o:dell:x1018_firmware:*
-
cpe:2.3:o:dell:x1018p_firmware:*
-
cpe:2.3:o:dell:x1026_firmware:*
-
cpe:2.3:o:dell:x1026p_firmware:*
-
cpe:2.3:o:dell:x1052_firmware:*
-
cpe:2.3:o:dell:x1052p_firmware:*
-
cpe:2.3:o:dell:x4012_firmware:-
-
cpe:2.3:o:dell:x4012_firmware:2.0.0.77