Improper Privilege Management in Dell EMC Avamar Server AUI
CVE-2021-36316

6.7MEDIUM

Key Information:

Vendor: Dell
Status: Avamar
Vendor: CVE Published:; 21 December 2021

Summary

Dell EMC Avamar Server versions 18.2 through 19.4 are impacted by an improper privilege management vulnerability affecting the Administrative User Interface (AUI). A malicious actor with elevated privileges could exploit this flaw, enabling unauthorized access to sensitive AUI information and the ability to conduct unauthorized operations, potentially compromising the integrity of the system.

Affected Version(s)

Avamar 18.2, 19.1, 19.2, 19.3, 19.4

References

https://www.dell.com/support/kbdoc/000193369

x_refsource_MISC

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 21, 2021
Vulnerability Reserved
Jul 8, 2021