CVE-2021-21511

8.1HIGH

Key Information:

Vendor: Dell
Status: Avamar
Vendor: CVE Published:; 15 February 2021

Summary

Dell EMC Avamar Server, versions 19.3 and 19.4 contain an Improper Authorization vulnerability in the web UI. A remote low privileged attacker could potentially exploit this vulnerability, to gain unauthorized read or modification access to other users' backup data.

Affected Version(s)

Avamar 19.3, 19.4

References

https://www.dell.com/support/kbdoc/en-us/000182926/dsa-20...

x_refsource_MISC

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 15, 2021
Vulnerability Reserved
Jan 4, 2021