1. Home
  2. CVE Database
  3. CVE-2021-21547
MEDIUM · 6.4

CVE-2021-21547

Dell EMC Unity, UnityVSA, and Unity XT versions prior to 5.0.7.0.5.008 contain a plain-text password storage vulnerability when the Dell Upgrade Readiness Utility is run on the system. The credentials...

Vulnerability Description

Dell EMC Unity, UnityVSA, and Unity XT versions prior to 5.0.7.0.5.008 contain a plain-text password storage vulnerability when the Dell Upgrade Readiness Utility is run on the system. The credentials of the Unisphere Administrator are stored in plain text. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user.

CVSS Score

6.4

MEDIUM

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
DellUnity Operating Environment< 5.0.7.0.5.008
DellUnity Xt Operating Environment< 5.0.7.0.5.008
DellUnityvsa Operating Environment< 5.0.7.0.5.008

Related Weaknesses (CWE)

CWE-312

References

FAQ

What is CVE-2021-21547?

CVE-2021-21547 is a vulnerability with a CVSS score of 6.4 (MEDIUM). Dell EMC Unity, UnityVSA, and Unity XT versions prior to 5.0.7.0.5.008 contain a plain-text password storage vulnerability when the Dell Upgrade Readiness Utility is run on the system. The credentials...

How severe is CVE-2021-21547?

CVE-2021-21547 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-21547?

Check the references section above for vendor advisories and patch information. Affected products include: Dell Unity Operating Environment, Dell Unity Xt Operating Environment, Dell Unityvsa Operating Environment.