← Back

CVE-2021-21522

nvd nist
Published: Sep 28, 2021Modified: Nov 21, 2024

JSON object

Loading...
4.4
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Exploitability: 0.8 / Impact: 3.6
Source: NVD

Description

Dell BIOS contains a Credentials Management issue. A local authenticated malicious user may potentially exploit this vulnerability to gain access to sensitive information on an NVMe storage by resetting the BIOS password on the system via the Manageability Interface.

Affected (33)

Dell
28 products
Latitude 5285 2 In 1 Firmware
Latitude 5289 2 In 1 Firmware
Latitude 5310 2 In 1 Firmware
Latitude 5290 2 In 1 Firmware
Latitude 7210 2 In 1 Firmware
Latitude 7212 Rugged Extreme Tablet Firmware
Latitude 7280 Firmware
Latitude 7290 Firmware
Latitude 7285 Firmware
Latitude 7370 Firmware
Latitude 7310 Firmware
Latitude 7380 Firmware
Latitude 7389 Firmware
Latitude 7390 Firmware
Latitude 7410 Firmware
Latitude 7390 2 In 1 Firmware
Latitude 7420 Firmware
Latitude 7480 Firmware
Latitude 7490 Firmware
Latitude 9410 Firmware
Latitude 9510 Firmware
Precision 3640 Tower Firmware
Precision 5520 Firmware
Precision 5510 Firmware
Precision 5530 2 In 1 Firmware
Xps 13 9360 Firmware
Xps 13 9370 Firmware
Xps 15 9575 2 In 1 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Latitude 5285 2 In 1 Firmware
Before 1.13.0
Running on/withPlatform Versions
Dell
Latitude 5285 2 In 1
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Latitude 5289 2 In 1 Firmware
Before 1.23.1
Running on/withPlatform Versions
Dell
Latitude 5289 2 In 1
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Latitude 5310 2 In 1 Firmware
Version 1.7.0
Running on/withPlatform Versions
Dell
Latitude 5310 2 In 1
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Latitude 5290 2 In 1 Firmware
Before 1.16.0
Running on/withPlatform Versions
Dell
Latitude 5290 2 In 1
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Latitude 7210 2 In 1 Firmware
Before 1.7.0
Running on/withPlatform Versions
Dell
Latitude 7210 2 In 1
All versions
Configuration F
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Dell
Latitude 7212 Rugged Extreme Tablet Firmware
Before 1.33.0
Latitude 7212 Rugged Extreme Tablet Firmware
Version 1.33.0
Running on/withPlatform Versions
Dell
Latitude 7212 Rugged Extreme Tablet
All versions
Configuration G
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Dell
Latitude 7280 Firmware
Before 1.21.1
Latitude 7280 Firmware
Version 1.21.1
Running on/withPlatform Versions
Dell
Latitude 7280
All versions
Configuration H
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Dell
Latitude 7290 Firmware
Before 1.20.0
Latitude 7290 Firmware
Version 1.20.0
Running on/withPlatform Versions
Dell
Latitude 7290
All versions
Configuration I
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Dell
Latitude 7285 Firmware
Before 1.11.0
Latitude 7285 Firmware
Version 1.11.0
Running on/withPlatform Versions
Dell
Latitude 7285
All versions
Configuration J
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Dell
Latitude 7370 Firmware
Before 1.24.3
Latitude 7370 Firmware
Version 1.24.3
Running on/withPlatform Versions
Dell
Latitude 7370
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Latitude 7310 Firmware
Before 1.7.0
Running on/withPlatform Versions
Dell
Latitude 7310
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Latitude 7380 Firmware
Version 1.21.1
Running on/withPlatform Versions
Dell
Latitude 7380
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Latitude 7389 Firmware
Before 1.23.1
Running on/withPlatform Versions
Dell
Latitude 7389
All versions
Configuration N
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Latitude 7390 Firmware
Version 1.20.0
Running on/withPlatform Versions
Dell
Latitude 7390
All versions
Configuration O
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Latitude 7410 Firmware
Before 1.7.0
Running on/withPlatform Versions
Dell
Latitude 7410
All versions
Configuration P
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Latitude 7390 2 In 1 Firmware
Before 1.19.0
Running on/withPlatform Versions
Dell
Latitude 7390 2 In 1
All versions
Configuration Q
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Latitude 7420 Firmware
Before 1.7.1
Running on/withPlatform Versions
Dell
Latitude 7420
All versions
Configuration R
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Latitude 7480 Firmware
Before 1.21.1
Running on/withPlatform Versions
Dell
Latitude 7480
All versions
Configuration S
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Latitude 7490 Firmware
Before 1.20.1
Running on/withPlatform Versions
Dell
Latitude 7490
All versions
Configuration T
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Latitude 9410 Firmware
Before 1.7.0
Running on/withPlatform Versions
Dell
Latitude 9410
All versions
Configuration U
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Latitude 9510 Firmware
Before 1.6.0
Running on/withPlatform Versions
Dell
Latitude 9510
All versions
Configuration V
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Precision 3640 Tower Firmware
Before 1.6.2
Running on/withPlatform Versions
Dell
Precision 3640 Tower
All versions
Configuration W
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Precision 5520 Firmware
Before 1.23.1
Running on/withPlatform Versions
Dell
Precision 5520
All versions
Configuration X
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Precision 5510 Firmware
Before 1.17.0
Running on/withPlatform Versions
Dell
Precision 5510
All versions
Configuration Y
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Precision 5530 2 In 1 Firmware
Before 1.14.10
Running on/withPlatform Versions
Dell
Precision 5530 2 In 1
All versions
Configuration Z
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Xps 13 9360 Firmware
Before 2.16.0
Running on/withPlatform Versions
Dell
Xps 13 9360
All versions
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Xps 13 9370 Firmware
Before 1.15.0
Running on/withPlatform Versions
Dell
Xps 13 9370
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Xps 15 9575 2 In 1 Firmware
Before 1.16.2
Running on/withPlatform Versions
Dell
Xps 15 9575 2 In 1
All versions

Related CWEs

CWE-255
CWE-255

References (2)

Source: security_alert@emc.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.