Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2021-36284
HistorySep 28, 2021 - 8:15 p.m.

CVE-2021-36284

2021-09-2820:15:07
CWE-307
[email protected]
web.nvd.nist.gov
8
dell
bios
vulnerability
authentication
administrator
bypass
brute force

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

4.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

EPSS

0

Percentile

5.1%

JSON

Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A local authenticated malicious administrator could exploit this vulnerability to bypass excessive admin password attempt mitigations in order to carry out a brute force attack.

Affected configurations

Nvd
Node
delllatitude_5310_2-in-1_firmwareRange<1.7.0
AND
delllatitude_5310_2-in-1Match-
Node
delllatitude_5320_firmwareRange<1.7.0
AND
delllatitude_5320Match-
Node
delllatitude_5400_firmwareRange<1.7.1
AND
delllatitude_5400Match-
Node
delllatitude_5411_firmwareRange<1.6.0
AND
delllatitude_5411Match-
Node
delllatitude_5500_firmwareRange<1.8.0
AND
delllatitude_5500Match-
Node
delllatitude_5520_firmwareRange<1.6.0
AND
delllatitude_5520Match-
Node
delllatitude_5511_firmwareRange<1.7.1
AND
delllatitude_5511Match-
Node
delllatitude_7212_rugged_extreme_tablet_firmwareRange<1.7.0
AND
delllatitude_7212_rugged_extreme_tabletMatch-
Node
delllatitude_7280_firmwareRange<1.9.1
AND
delllatitude_7280Match-
Node
delllatitude_7320_firmwareRange<1.7.0
AND
delllatitude_7320Match-
Node
delllatitude_7370_firmwareRange<1.7.1
AND
delllatitude_7370Match-
Node
delllatitude_7420_firmwareRange<1.7.0
AND
delllatitude_7420Match-
Node
delllatitude_7480_firmwareRange<1.7.1
AND
delllatitude_7480Match-
Node
delllatitude_9410_firmwareRange<1.7.1
AND
delllatitude_9410Match-
Node
delllatitude_9510_firmwareRange<1.7.0
AND
delllatitude_9510Match-
Node
delllatitude_9520_firmwareRange<1.6.0
AND
delllatitude_9520Match-
Node
delloptiplex_3080_firmwareRange<1.5.2
AND
delloptiplex_3080Match-
Node
delloptiplex_3280_aio_firmwareRange<1.2.0
AND
delloptiplex_3280_aioMatch-
Node
delloptiplex_7480_aio_firmwareRange<1.2.0
AND
delloptiplex_7480_aioMatch-
Node
dellprecision_3551_ffirmwareRange<1.6.2
AND
dellprecision_3551Match-
Node
dellprecision_3640_tower_firmwareRange<1.7.1
AND
dellprecision_3640_towerMatch-
VendorProductVersionCPE
delllatitude_5310_2-in-1_firmware*cpe:2.3:o:dell:latitude_5310_2-in-1_firmware:*:*:*:*:*:*:*:*
delllatitude_5310_2-in-1-cpe:2.3:h:dell:latitude_5310_2-in-1:-:*:*:*:*:*:*:*
delllatitude_5320_firmware*cpe:2.3:o:dell:latitude_5320_firmware:*:*:*:*:*:*:*:*
delllatitude_5320-cpe:2.3:h:dell:latitude_5320:-:*:*:*:*:*:*:*
delllatitude_5400_firmware*cpe:2.3:o:dell:latitude_5400_firmware:*:*:*:*:*:*:*:*
delllatitude_5400-cpe:2.3:h:dell:latitude_5400:-:*:*:*:*:*:*:*
delllatitude_5411_firmware*cpe:2.3:o:dell:latitude_5411_firmware:*:*:*:*:*:*:*:*
delllatitude_5411-cpe:2.3:h:dell:latitude_5411:-:*:*:*:*:*:*:*
delllatitude_5500_firmware*cpe:2.3:o:dell:latitude_5500_firmware:*:*:*:*:*:*:*:*
delllatitude_5500-cpe:2.3:h:dell:latitude_5500:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 421

Related

cve 1
prion 1
cvelist 1
cve
cve
CVE-2021-36284
2021-09-28 20:15:07
prion
prion
Input validation
2021-09-28 20:15:00
cvelist
cvelist
CVE-2021-36284
2021-09-28 19:20:24

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

4.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

EPSS

0

Percentile

5.1%

JSON
Related for NVD:CVE-2021-36284
cve1prion1cvelist1