How severe is CVE-2021-21507?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2021-21507?

This is classified as CWE-261, which is a common weakness in software security.

CVE-2021-21507

CRITICAL Year: 2021

CVSS v3 Score

9.8

Critical

CVSS v2 Score

5.0

Medium

Weakness Type

CWE-261

View all →

Vulnerability Description

Dell EMC Networking X-Series firmware versions prior to 3.0.1.8 and Dell EMC PowerEdge VRTX Switch Module firmware versions prior to 2.0.0.82 contain a Weak Password Encryption Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable system with privileges of the compromised account.

CVE-2017-7905

CRITICAL

CVSS:9.8(Critical)

A Weak Cryptography for Passwords issue was discovered in General Electric (GE) Multilin SR 750 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 760 Feeder Protection Relay, firmwa...

CWE-2612017

CVE-2020-10275

CRITICAL

CVSS:9.8(Critical)

The access tokens for the REST API are directly derived from the publicly available default credentials for the web interface. Given a USERNAME and a PASSWORD, the token string is generated directly w...

CWE-2612020

CVE-2024-24279

HIGH

CVSS:8.8(High)

An issue in secdiskapp 1.5.1 (management program for NewQ Fingerprint Encryption Super Speed Flash Disk) allows attackers to gain escalated privileges via vsVerifyPassword and vsSetFingerPrintPower fu...

CWE-2612024

CVE-2024-28270

HIGH

CVSS:8.1(High)

An issue discovered in web-flash v3.0 allows attackers to reset passwords for arbitrary users via crafted POST request to /prod-api/user/resetPassword.

CWE-2612024