Improper Authorization Vulnerability in Dell EMC Avamar Server
CVE-2021-21511

8.1HIGH

Key Information:

Vendor: Dell
Status: Avamar
Vendor: CVE Published:; 15 February 2021

Summary

Dell EMC Avamar Server versions 19.3 and 19.4 have a vulnerability in their web user interface that allows low-privileged remote attackers to perform unauthorized actions. Exploiting this flaw could enable attackers to read or modify sensitive backup data belonging to other users, increasing the risk of data breaches.

Affected Version(s)

Avamar 19.3, 19.4

References

https://www.dell.com/support/kbdoc/en-us/000182926/dsa-20...

x_refsource_MISC

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 15, 2021
Vulnerability Reserved
Jan 4, 2021