cbcvebase.
CVE-2021-21558
published 2021-06-08

CVE-2021-21558: Dell EMC NetWorker, 18.x, 19.1.x, 19.2.x 19.3.x, 19.4 and 19.4.0.1, contains an Information Disclosure vulnerability. A local administrator of the gstd system…

PriorityP415medium4.4CVSS 3.1
AVLACLPRHUINSUCHINAN
EPSS
0.25%
16.2th percentile
Dell EMC NetWorker, 18.x, 19.1.x, 19.2.x 19.3.x, 19.4 and 19.4.0.1, contains an Information Disclosure vulnerability. A local administrator of the gstd system may potentially exploit this vulnerability to read LDAP credentials from local logs and use the stolen credentials to make changes to the network domain.

Affected

2 ranges
VendorProductVersion rangeFixed in
dellemc_networker>= 18.1.0.1 < 19.4.0.219.4.0.2
dellnetworker>= unspecified < 19.4.0.219.4.0.2

CVSS provenance

nvdv3.14.4MEDIUMCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
nvdv2.02.1LOWAV:L/AC:L/Au:N/C:P/I:N/A:N
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.