Information Exposure Vulnerability in Dell EMC Data Protection Applications
CVE-2021-21601

8.8HIGH

Key Information:

Vendor: Dell
Status: Data Protection Search
Vendor: CVE Published:; 10 August 2021

Summary

Dell EMC Data Protection Search and IDPA prior to specified versions are affected by a vulnerability that can lead to the exposure of sensitive user credentials through log files. A low-privileged local attacker could exploit this issue, potentially gaining unauthorized access to the application using the leaked credentials, thereby increasing security risks.

Affected Version(s)

Data Protection Search < 19.5

References

https://www.dell.com/support/kbdoc/000189555

x_refsource_MISC

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Aug 10, 2021
Vulnerability Reserved
Jan 4, 2021