Details of VAR-202104-0675

ID

VAR-202104-0675

CVE

CVE-2021-21534

TITLE

Dell Hybrid Client Information disclosure vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202104-2287

DESCRIPTION

Dell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to gain access to sensitive information via the local API. DELL Dell Hybrid Client is an application software of Dell (DELL). Provides a client computing software with hybrid cloud management capabilities

Trust: 1.08

sources: NVD: CVE-2021-21534 // VULHUB: VHN-379938 // VULMON: CVE-2021-21534

AFFECTED PRODUCTS

vendor:

dell

model:

hybrid client

scope:

version:

1.5

Trust: 1.0

sources: NVD: CVE-2021-21534

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-21534
value:	LOW
Trust: 1.0
security_alert@emc.com:	CVE-2021-21534
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-202104-2287
value:	LOW
Trust: 0.6
VULHUB:	VHN-379938
value:	LOW
Trust: 0.1
VULMON:	CVE-2021-21534
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2021-21534
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
VULHUB:	VHN-379938
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-21534
baseSeverity:	LOW
baseScore:	3.3
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	1.8
impactScore:	1.4
version:	3.1
Trust: 1.0
security_alert@emc.com:	CVE-2021-21534
baseSeverity:	MEDIUM
baseScore:	4.0
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	2.5
impactScore:	1.4
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-379938 // VULMON: CVE-2021-21534 // CNNVD: CNNVD-202104-2287 // NVD: CVE-2021-21534 // NVD: CVE-2021-21534

PROBLEMTYPE DATA

problemtype:

CWE-200

Trust: 1.1

sources: VULHUB: VHN-379938 // NVD: CVE-2021-21534

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202104-2287

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-202104-2287

PATCH

title:	Dell Hybrid Client Repair measures for information disclosure vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=149629	Trust: 0.6
title:	CVE-2021-21534	url:	https://github.com/JamesGeee/CVE-2021-21534	Trust: 0.1

sources: VULMON: CVE-2021-21534 // CNNVD: CNNVD-202104-2287

EXTERNAL IDS

db:	NVD	id:	CVE-2021-21534	Trust: 1.8
db:	CNNVD	id:	CNNVD-202104-2287	Trust: 0.6
db:	VULHUB	id:	VHN-379938	Trust: 0.1
db:	VULMON	id:	CVE-2021-21534	Trust: 0.1

sources: VULHUB: VHN-379938 // VULMON: CVE-2021-21534 // CNNVD: CNNVD-202104-2287 // NVD: CVE-2021-21534

REFERENCES

url:	https://www.dell.com/support/kbdoc/en-us/000184667/dsa-2021-071-dell-hybrid-client-security-update-for-multiple-vulnerabilities	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2021-21534	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/200.html	Trust: 0.1
url:	https://github.com/jamesgeee/cve-2021-21534	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-379938 // VULMON: CVE-2021-21534 // CNNVD: CNNVD-202104-2287 // NVD: CVE-2021-21534

SOURCES

db:	VULHUB	id:	VHN-379938
db:	VULMON	id:	CVE-2021-21534
db:	CNNVD	id:	CNNVD-202104-2287
db:	NVD	id:	CVE-2021-21534

LAST UPDATE DATE

2024-08-14T13:43:34.385000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-379938	date:	2021-05-06T00:00:00
db:	VULMON	id:	CVE-2021-21534	date:	2021-05-06T00:00:00
db:	CNNVD	id:	CNNVD-202104-2287	date:	2021-05-07T00:00:00
db:	NVD	id:	CVE-2021-21534	date:	2021-05-06T19:47:55.353

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-379938	date:	2021-04-30T00:00:00
db:	VULMON	id:	CVE-2021-21534	date:	2021-04-30T00:00:00
db:	CNNVD	id:	CNNVD-202104-2287	date:	2021-04-30T00:00:00
db:	NVD	id:	CVE-2021-21534	date:	2021-04-30T18:15:07.390