{"vulnerability": "CVE-2021-2154", "sightings": [{"uuid": "7e147163-45b1-4295-b8c6-a069bf7ba85b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21548", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5511", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-21548\n\ud83d\udd25 CVSS Score: 7.4 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: \nDell EMC Unisphere for PowerMax versions before 9.1.0.27, Dell EMC Unisphere for PowerMax Virtual Appliance versions before 9.1.0.27, and PowerMax OS Release 5978 contain an improper certificate validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victim\u2019s data in transit.\n\n\n\ud83d\udccf Published: 2023-03-17T05:07:42.867Z\n\ud83d\udccf Modified: 2025-02-26T14:56:10.218Z\n\ud83d\udd17 References:\n1. https://www.dell.com/support/kbdoc/en-uk/000189606/dsa-2021-134-dell-emc-unisphere-for-powermax-dell-emc-unisphere-for-powermax-virtual-appliance-dell-emc-solutions-enabler-virtual-appliance-and-dell-emc-powermax-embedded-management-security-update-for-multiple-third-party-component-vulnerabilities", "creation_timestamp": "2025-02-26T15:26:17.000000Z"}, {"uuid": "c9dadf82-c5d1-4db9-bd49-4b4bf902ab77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-2154", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-027-02", "content": "", "creation_timestamp": "2026-01-27T11:00:00.000000Z"}, {"uuid": "15ce2e0e-2448-4f2d-87e1-07bde8021bb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21548", "type": "seen", "source": "https://t.me/cibsecurity/60239", "content": "\u203c CVE-2021-21548 \u203c\n\nDell EMC Unisphere for PowerMax versions before 9.1.0.27, Dell EMC Unisphere for PowerMax Virtual Appliance versions before 9.1.0.27, and PowerMax OS Release 5978 contain an improper certificate validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victim\u00e2\u20ac\u2122s data in transit.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-17T11:36:45.000000Z"}, {"uuid": "8df07dba-066d-4de3-ba01-01b418293e98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21546", "type": "seen", "source": "https://t.me/cibsecurity/26572", "content": "\u203c CVE-2021-21546 \u203c\n\nDell EMC NetWorker versions 18.x,19.x prior to 19.3.0.4 and 19.4.0.0 contain an Information Disclosure in Log Files vulnerability. A local low-privileged user of the Networker server could potentially exploit this vulnerability to read plain-text credentials from server log files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-07-29T20:14:29.000000Z"}]}