Vulnerability-Lookup

CVE-2021-36297 (GCVE-0-2021-36297)

Vulnerability from cvelistv5 – Published: 2021-09-28 19:20 – Updated: 2024-09-16 20:38

Summary

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-426 - Untrusted Search Path

Assigner

dell

References

URL

Tags

https://www.dell.com/support/kbdoc/en-us/00019105…

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Dell	SupportAssist Client Consumer	Affected: 3.8, 3.9

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:54:51.387Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.dell.com/support/kbdoc/en-us/000191057/dsa-2021-163-dell-supportassist-client-consumer-security-update-for-two-vulnerabilities"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SupportAssist Client Consumer",
          "vendor": "Dell",
          "versions": [
            {
              "status": "affected",
              "version": "3.8, 3.9"
            }
          ]
        }
      ],
      "datePublic": "2021-08-31T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "SupportAssist Client version 3.8 and 3.9 contains an Untrusted search path vulnerability that allows attackers to load an arbitrary .dll file via .dll planting/hijacking, only by a separate administrative action that is not a default part of the SOSInstallerTool.exe installation for executing arbitrary dll\u0027s,"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-426",
              "description": "CWE-426: Untrusted Search Path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-28T19:20:28",
        "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "shortName": "dell"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.dell.com/support/kbdoc/en-us/000191057/dsa-2021-163-dell-supportassist-client-consumer-security-update-for-two-vulnerabilities"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@dell.com",
          "DATE_PUBLIC": "2021-08-31",
          "ID": "CVE-2021-36297",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SupportAssist Client Consumer",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "3.8, 3.9"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Dell"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "SupportAssist Client version 3.8 and 3.9 contains an Untrusted search path vulnerability that allows attackers to load an arbitrary .dll file via .dll planting/hijacking, only by a separate administrative action that is not a default part of the SOSInstallerTool.exe installation for executing arbitrary dll\u0027s,"
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": 7.8,
            "baseSeverity": "High",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-426: Untrusted Search Path"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.dell.com/support/kbdoc/en-us/000191057/dsa-2021-163-dell-supportassist-client-consumer-security-update-for-two-vulnerabilities",
              "refsource": "MISC",
              "url": "https://www.dell.com/support/kbdoc/en-us/000191057/dsa-2021-163-dell-supportassist-client-consumer-security-update-for-two-vulnerabilities"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
    "assignerShortName": "dell",
    "cveId": "CVE-2021-36297",
    "datePublished": "2021-09-28T19:20:28.930601Z",
    "dateReserved": "2021-07-08T00:00:00",
    "dateUpdated": "2024-09-16T20:38:07.749Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-36297\",\"sourceIdentifier\":\"security_alert@emc.com\",\"published\":\"2021-09-28T20:15:07.780\",\"lastModified\":\"2024-11-21T06:13:26.890\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"SupportAssist Client version 3.8 and 3.9 contains an Untrusted search path vulnerability that allows attackers to load an arbitrary .dll file via .dll planting/hijacking, only by a separate administrative action that is not a default part of the SOSInstallerTool.exe installation for executing arbitrary dll\u0027s,\"},{\"lang\":\"es\",\"value\":\"SupportAssist Client versiones 3.8 y 3.9, contienen una vulnerabilidad de ruta de b\u00fasqueda no Confiable que permite a atacantes cargar un archivo .dll arbitrario por medio de una plantaci\u00f3n/secuestro de .dll, s\u00f3lo por una acci\u00f3n administrativa independiente que no es una parte predeterminada de la instalaci\u00f3n de SOSInstallerTool.exe para ejecutar dll\u0027s arbitrarios\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security_alert@emc.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":4.4,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"security_alert@emc.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-426\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-426\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:dell:supportassist_for_home_pcs:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.9.0\",\"matchCriteriaId\":\"C5002905-5ACC-409F-8D47-595FDEDE39A2\"}]}]}],\"references\":[{\"url\":\"https://www.dell.com/support/kbdoc/en-us/000191057/dsa-2021-163-dell-supportassist-client-consumer-security-update-for-two-vulnerabilities\",\"source\":\"security_alert@emc.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.dell.com/support/kbdoc/en-us/000191057/dsa-2021-163-dell-supportassist-client-consumer-security-update-for-two-vulnerabilities\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

VAR-202109-1535

Vulnerability from variot - Updated: 2024-08-14 14:18

SupportAssist Client version 3.8 and 3.9 contains an Untrusted search path vulnerability that allows attackers to load an arbitrary .dll file via .dll planting/hijacking, only by a separate administrative action that is not a default part of the SOSInstallerTool.exe installation for executing arbitrary dll's,. DELL Dell SupportAssist Client is a client application of Dell (DELL). The program provides automated, proactive and predictive techniques for troubleshooting and more. There is a code problem vulnerability in SupportAssist Client, which is caused by the management operation in the product arbitrarily loading dll files when loading files. An attacker could exploit this vulnerability to execute arbitrary files. The following products and versions are affected: SupportAssist Client versions 3.8 and 3.9

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202109-1535",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "supportassist for home pcs",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "dell",
        "version": "3.9.0"
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-36297"
      }
    ]
  },
  "cve": "CVE-2021-36297",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.4,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.4,
            "id": "CVE-2021-36297",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.1,
            "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.4,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.4,
            "id": "VHN-397578",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:L/AC:M/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "id": "CVE-2021-36297",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "security_alert@emc.com",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "id": "CVE-2021-36297",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2021-36297",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "security_alert@emc.com",
            "id": "CVE-2021-36297",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202109-1867",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-397578",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2021-36297",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-397578"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-36297"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202109-1867"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-36297"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-36297"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SupportAssist Client version 3.8 and 3.9 contains an Untrusted search path vulnerability that allows attackers to load an arbitrary .dll file via .dll planting/hijacking, only by a separate administrative action that is not a default part of the SOSInstallerTool.exe installation for executing arbitrary dll\u0027s,. DELL Dell SupportAssist Client is a client application of Dell (DELL). The program provides automated, proactive and predictive techniques for troubleshooting and more. There is a code problem vulnerability in SupportAssist Client, which is caused by the management operation in the product arbitrarily loading dll files when loading files. An attacker could exploit this vulnerability to execute arbitrary files. The following products and versions are affected: SupportAssist Client versions 3.8 and 3.9",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-36297"
      },
      {
        "db": "VULHUB",
        "id": "VHN-397578"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-36297"
      }
    ],
    "trust": 1.08
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-36297",
        "trust": 1.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202109-1867",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2022-83202",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-397578",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-36297",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-397578"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-36297"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202109-1867"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-36297"
      }
    ]
  },
  "id": "VAR-202109-1535",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-397578"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-08-14T14:18:21.873000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SupportAssist Client Fixes for code issue vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=164866"
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202109-1867"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-426",
        "trust": 1.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-397578"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-36297"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "https://www.dell.com/support/kbdoc/en-us/000191057/dsa-2021-163-dell-supportassist-client-consumer-security-update-for-two-vulnerabilities"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/426.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-397578"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-36297"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202109-1867"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-36297"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-397578"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-36297"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202109-1867"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-36297"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-09-28T00:00:00",
        "db": "VULHUB",
        "id": "VHN-397578"
      },
      {
        "date": "2021-09-28T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-36297"
      },
      {
        "date": "2021-09-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202109-1867"
      },
      {
        "date": "2021-09-28T20:15:07.780000",
        "db": "NVD",
        "id": "CVE-2021-36297"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-10-07T00:00:00",
        "db": "VULHUB",
        "id": "VHN-397578"
      },
      {
        "date": "2021-10-07T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-36297"
      },
      {
        "date": "2021-10-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202109-1867"
      },
      {
        "date": "2021-10-07T12:56:21.137000",
        "db": "NVD",
        "id": "CVE-2021-36297"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202109-1867"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SupportAssist Client Code problem vulnerability",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202109-1867"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "code problem",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202109-1867"
      }
    ],
    "trust": 0.6
  }
}

FKIE_CVE-2021-36297

Vulnerability from fkie_nvd - Published: 2021-09-28 20:15 - Updated: 2024-11-21 06:13

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	security_alert@emc.com	https://www.dell.com/support/kbdoc/en-us/000191057/dsa-2021-163-dell-supportassist-client-consumer-security-update-for-two-vulnerabilities	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.dell.com/support/kbdoc/en-us/000191057/dsa-2021-163-dell-supportassist-client-consumer-security-update-for-two-vulnerabilities	Vendor Advisory

Impacted products

	Vendor	Product	Version
	dell	supportassist_for_home_pcs	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:dell:supportassist_for_home_pcs:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5002905-5ACC-409F-8D47-595FDEDE39A2",
              "versionEndExcluding": "3.9.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "SupportAssist Client version 3.8 and 3.9 contains an Untrusted search path vulnerability that allows attackers to load an arbitrary .dll file via .dll planting/hijacking, only by a separate administrative action that is not a default part of the SOSInstallerTool.exe installation for executing arbitrary dll\u0027s,"
    },
    {
      "lang": "es",
      "value": "SupportAssist Client versiones 3.8 y 3.9, contienen una vulnerabilidad de ruta de b\u00fasqueda no Confiable que permite a atacantes cargar un archivo .dll arbitrario por medio de una plantaci\u00f3n/secuestro de .dll, s\u00f3lo por una acci\u00f3n administrativa independiente que no es una parte predeterminada de la instalaci\u00f3n de SOSInstallerTool.exe para ejecutar dll\u0027s arbitrarios"
    }
  ],
  "id": "CVE-2021-36297",
  "lastModified": "2024-11-21T06:13:26.890",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "security_alert@emc.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-09-28T20:15:07.780",
  "references": [
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.dell.com/support/kbdoc/en-us/000191057/dsa-2021-163-dell-supportassist-client-consumer-security-update-for-two-vulnerabilities"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.dell.com/support/kbdoc/en-us/000191057/dsa-2021-163-dell-supportassist-client-consumer-security-update-for-two-vulnerabilities"
    }
  ],
  "sourceIdentifier": "security_alert@emc.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-426"
        }
      ],
      "source": "security_alert@emc.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-426"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-6WMF-4RWP-J5X8

Vulnerability from github – Published: 2022-05-24 19:15 – Updated: 2022-05-24 19:15

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-36297"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-426"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-09-28T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "SupportAssist Client version 3.8 and 3.9 contains an Untrusted search path vulnerability that allows attackers to load an arbitrary .dll file via .dll planting/hijacking, only by a separate administrative action that is not a default part of the SOSInstallerTool.exe installation for executing arbitrary dll\u0027s,",
  "id": "GHSA-6wmf-4rwp-j5x8",
  "modified": "2022-05-24T19:15:55Z",
  "published": "2022-05-24T19:15:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36297"
    },
    {
      "type": "WEB",
      "url": "https://www.dell.com/support/kbdoc/en-us/000191057/dsa-2021-163-dell-supportassist-client-consumer-security-update-for-two-vulnerabilities"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2021-36297

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2021-36297

Aliases

CVE-2021-36297

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-36297",
    "description": "SupportAssist Client version 3.8 and 3.9 contains an Untrusted search path vulnerability that allows attackers to load an arbitrary .dll file via .dll planting/hijacking, only by a separate administrative action that is not a default part of the SOSInstallerTool.exe installation for executing arbitrary dll\u0027s,",
    "id": "GSD-2021-36297"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-36297"
      ],
      "details": "SupportAssist Client version 3.8 and 3.9 contains an Untrusted search path vulnerability that allows attackers to load an arbitrary .dll file via .dll planting/hijacking, only by a separate administrative action that is not a default part of the SOSInstallerTool.exe installation for executing arbitrary dll\u0027s,",
      "id": "GSD-2021-36297",
      "modified": "2023-12-13T01:23:16.421954Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@dell.com",
        "DATE_PUBLIC": "2021-08-31",
        "ID": "CVE-2021-36297",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "SupportAssist Client Consumer",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "3.8, 3.9"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Dell"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "SupportAssist Client version 3.8 and 3.9 contains an Untrusted search path vulnerability that allows attackers to load an arbitrary .dll file via .dll planting/hijacking, only by a separate administrative action that is not a default part of the SOSInstallerTool.exe installation for executing arbitrary dll\u0027s,"
          }
        ]
      },
      "impact": {
        "cvss": {
          "baseScore": 7.8,
          "baseSeverity": "High",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-426: Untrusted Search Path"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.dell.com/support/kbdoc/en-us/000191057/dsa-2021-163-dell-supportassist-client-consumer-security-update-for-two-vulnerabilities",
            "refsource": "MISC",
            "url": "https://www.dell.com/support/kbdoc/en-us/000191057/dsa-2021-163-dell-supportassist-client-consumer-security-update-for-two-vulnerabilities"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:dell:supportassist_for_home_pcs:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "3.9.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@dell.com",
          "ID": "CVE-2021-36297"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "SupportAssist Client version 3.8 and 3.9 contains an Untrusted search path vulnerability that allows attackers to load an arbitrary .dll file via .dll planting/hijacking, only by a separate administrative action that is not a default part of the SOSInstallerTool.exe installation for executing arbitrary dll\u0027s,"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-426"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.dell.com/support/kbdoc/en-us/000191057/dsa-2021-163-dell-supportassist-client-consumer-security-update-for-two-vulnerabilities",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000191057/dsa-2021-163-dell-supportassist-client-consumer-security-update-for-two-vulnerabilities"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.4,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.4,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2021-10-07T12:56Z",
      "publishedDate": "2021-09-28T20:15Z"
    }
  }
}

CNVD-2022-83202

Vulnerability from cnvd - Published: 2022-11-30

Title

Dell SupportAssist Client代码问题漏洞

Description

Dell SupportAssist Client是美国戴尔（DELL）公司的一款客户端应用程序。该程序提供自动化、主动和预测性技术进行故障排除等。 Dell SupportAssist Client存在代码问题漏洞，攻击者可利用该漏洞使用.dll植入/劫持加载任意的.dll文件。

Severity

中

Patch Name

Dell SupportAssist Client代码问题漏洞的补丁

Patch Description

Dell SupportAssist Client是美国戴尔（DELL）公司的一款客户端应用程序。该程序提供自动化、主动和预测性技术进行故障排除等。 Dell SupportAssist Client存在代码问题漏洞，攻击者可利用该漏洞使用.dll植入/劫持加载任意的.dll文件。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://www.dell.com/support/kbdoc/zh-cn/000191057/dsa-2021-163-dell-supportassist-client-consumer-security-update-for-two-vulnerabilities

Reference

https://nvd.nist.gov/vuln/detail/CVE-2021-36297

Impacted products

Name
DELL SupportAssist Client 3.8

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-36297",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-36297"
    }
  },
  "description": "Dell SupportAssist Client\u662f\u7f8e\u56fd\u6234\u5c14\uff08DELL\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u5ba2\u6237\u7aef\u5e94\u7528\u7a0b\u5e8f\u3002\u8be5\u7a0b\u5e8f\u63d0\u4f9b\u81ea\u52a8\u5316\u3001\u4e3b\u52a8\u548c\u9884\u6d4b\u6027\u6280\u672f\u8fdb\u884c\u6545\u969c\u6392\u9664\u7b49\u3002\n\nDell SupportAssist Client\u5b58\u5728\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4f7f\u7528.dll\u690d\u5165/\u52ab\u6301\u52a0\u8f7d\u4efb\u610f\u7684.dll\u6587\u4ef6\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.dell.com/support/kbdoc/zh-cn/000191057/dsa-2021-163-dell-supportassist-client-consumer-security-update-for-two-vulnerabilities",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-83202",
  "openTime": "2022-11-30",
  "patchDescription": "Dell SupportAssist Client\u662f\u7f8e\u56fd\u6234\u5c14\uff08DELL\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u5ba2\u6237\u7aef\u5e94\u7528\u7a0b\u5e8f\u3002\u8be5\u7a0b\u5e8f\u63d0\u4f9b\u81ea\u52a8\u5316\u3001\u4e3b\u52a8\u548c\u9884\u6d4b\u6027\u6280\u672f\u8fdb\u884c\u6545\u969c\u6392\u9664\u7b49\u3002\r\n\r\nDell SupportAssist Client\u5b58\u5728\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4f7f\u7528.dll\u690d\u5165/\u52ab\u6301\u52a0\u8f7d\u4efb\u610f\u7684.dll\u6587\u4ef6\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Dell SupportAssist Client\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "DELL SupportAssist Client 3.8"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2021-36297",
  "serverity": "\u4e2d",
  "submitTime": "2021-09-29",
  "title": "Dell SupportAssist Client\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-36297 (GCVE-0-2021-36297)

VAR-202109-1535

FKIE_CVE-2021-36297

GHSA-6WMF-4RWP-J5X8

GSD-2021-36297

CNVD-2022-83202

Tags

Sightings

Nomenclature