Plain-Text Password Storage Vulnerability in Dell EMC Avamar
CVE-2021-36318

6.7MEDIUM

Key Information:

Vendor: Dell
Status: Avamar
Vendor: CVE Published:; 21 December 2021

Summary

Dell EMC Avamar versions 18.2 through 19.4 have a vulnerability concerning plain-text password storage. This flaw allows a high-privileged user to potentially exploit the vulnerability, which could result in a complete outage of the system. Organizations using these versions should prioritize updating to secure their data and prevent unauthorized access.

Affected Version(s)

Avamar < 18.2 19.1 19.2 19.3 19.4

References

https://www.dell.com/support/kbdoc/000193369

https://security.gentoo.org/glsa/202210-09

vendor-advisory

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 21, 2021
Vulnerability Reserved
Jul 8, 2021