CVE-2021-36316
MEDIUMDell EMC Avamar Server <19.4 - Privilege Escalation
Title source: llmDescription
Dell EMC Avamar Server versions 18.2, 19.1, 19.2, 19.3, and 19.4 contain an improper privilege management vulnerability in AUI. A malicious user with high privileges could potentially exploit this vulnerability, leading to the disclosure of the AUI info and performing some unauthorized operation on the AUI.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://www.dell.com/support/kbdoc/000193369
Scores
CVSS v3
6.7
EPSS
0.0023
EPSS Percentile
45.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H
Details
CWE
CWE-269
Status
published
Products (5)
dell/emc_avamar_server
18.2
dell/emc_avamar_server
19.1
dell/emc_avamar_server
19.2
dell/emc_avamar_server
19.3
dell/emc_avamar_server
19.4
Published
Dec 21, 2021
Tracked Since
Feb 18, 2026