CVE-2021-21601
HIGHDell Emc Data Protection Search < 19.5 - Log Information Exposure
Title source: ruleDescription
Dell EMC Data Protection Search, 19.4 and prior, and IDPA, 2.6.1 and prior, contain an Information Exposure in Log File Vulnerability in CIS. A local low privileged attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with the privileges of the compromised account.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://www.dell.com/support/kbdoc/000189555
Scores
CVSS v3
8.8
EPSS
0.0004
EPSS Percentile
11.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Details
CWE
CWE-532
Status
published
Products (2)
dell/emc_data_protection_search
< 19.5
dell/emc_integrated_data_protection_appliance
< 2.7
Published
Aug 10, 2021
Tracked Since
Feb 18, 2026