CVE-2021-21590
Description
Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.1.0.0.5.394 contain a plain-text password storage vulnerability. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A plain-text password storage vulnerability in Dell EMC Unity systems allows a high-privilege local attacker to access credentials and impersonate other users.
Vulnerability
Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.1.0.0.5.394 contain a plain-text password storage vulnerability. The flaw resides in how the system stores credentials, potentially exposing them to a local user with high privileges [1].
Exploitation
An attacker must have local access with high privileges (e.g., a service account) to the affected system. The exploitation does not require user interaction but requires high attack complexity (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H). The attacker can read the stored plain-text passwords from the system [1].
Impact
Successful exploitation allows the attacker to gain access with the privileges of the compromised user, leading to full confidentiality, integrity, and availability impact [1]. The attacker can impersonate other users and potentially escalate privileges.
Mitigation
Dell has released version 5.1.0.0.5.394 to fix this issue. Users should update to this version or later. No workarounds are mentioned in the available reference [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.dell.com/support/kbdoc/000189204mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.