CVE-2021-21558
HIGHDell Emc Networker < 19.4.0.2 - Log Information Exposure
Title source: ruleDescription
Dell EMC NetWorker, 18.x, 19.1.x, 19.2.x 19.3.x, 19.4 and 19.4.0.1, contains an Information Disclosure vulnerability. A local administrator of the gstd system may potentially exploit this vulnerability to read LDAP credentials from local logs and use the stolen credentials to make changes to the network domain.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://www.dell.com/support/kbdoc/en-us/000186638/dsa-2021-104-dell-emc-networker-security-update-for-multiple-vulnerabilities
Scores
CVSS v3
8.2
EPSS
0.0006
EPSS Percentile
18.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Details
CWE
CWE-532
Status
published
Products (1)
dell/emc_networker
18.1.0.1 - 19.4.0.2
Published
Jun 08, 2021
Tracked Since
Feb 18, 2026