CVE-2021-21558

HIGH

Dell EMC NetWorker 18.1.0.1-19.4.0.1 - Information Disclosure via Local Log Files

Title source: llm

Description

Dell EMC NetWorker, 18.x, 19.1.x, 19.2.x 19.3.x, 19.4 and 19.4.0.1, contains an Information Disclosure vulnerability. A local administrator of the gstd system may potentially exploit this vulnerability to read LDAP credentials from local logs and use the stolen credentials to make changes to the network domain.

References (1)

Core 1

Core References

Patch, Vendor Advisory x_refsource_misc

https://www.dell.com/support/kbdoc/en-us/000186638/dsa-2021-104-dell-emc-networker-security-update-for-multiple-vulnerabilities

Scores

CVSS v3 8.2

EPSS 0.0025

EPSS Percentile 16.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Details

CWE

CWE-532

Status published

Products (1)

dell/emc_networker 18.1.0.1 - 19.4.0.2

Published Jun 08, 2021

Tracked Since Feb 18, 2026