CVE-2021-36322

Dell Networking X-Series firmware versions prior to 3.0.1.8 contain a host header injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary host header values to poison the web-cache or trigger redirections.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:dell:x1008p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:x1008p:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:dell:x1018p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:x1018p:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:dell:x1026p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:x1026p:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:dell:x1052p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:x1052p:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:dell:x4012_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:x4012:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:dell:x1008_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:x1008:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:dell:x1018_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:x1018:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:dell:x1026_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:x1026:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:dell:x1052_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:x1052:-:*:*:*:*:*:*:*

Information

Published : 2021-11-19 18:15

Updated : 2022-10-24 09:25


NVD link : CVE-2021-36322

Mitre link : CVE-2021-36322


JSON object : View

CWE
CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Advertisement

dedicated server usa

Products Affected

dell

  • x1018p
  • x1052p
  • x1018
  • x1008p
  • x1008_firmware
  • x1026p
  • x4012
  • x4012_firmware
  • x1008
  • x1026_firmware
  • x1052
  • x1018_firmware
  • x1026
  • x1052_firmware
  • x1026p_firmware
  • x1008p_firmware
  • x1052p_firmware
  • x1018p_firmware