7.2
CVE-2021-36316
- EPSS 0.23%
- Veröffentlicht 21.12.2021 17:15:07
- Zuletzt bearbeitet 21.11.2024 06:13:29
- Quelle security_alert@emc.com
- Teams Watchlist Login
- Unerledigt Login
Dell EMC Avamar Server versions 18.2, 19.1, 19.2, 19.3, and 19.4 contain an improper privilege management vulnerability in AUI. A malicious user with high privileges could potentially exploit this vulnerability, leading to the disclosure of the AUI info and performing some unauthorized operation on the AUI.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dell ≫ Emc Avamar Server Version18.2
Dell ≫ Emc Avamar Server Version19.1
Dell ≫ Emc Avamar Server Version19.2
Dell ≫ Emc Avamar Server Version19.3
Dell ≫ Emc Avamar Server Version19.4
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.424 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 1.2 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 6.5 | 8 | 6.4 |
AV:N/AC:L/Au:S/C:P/I:P/A:P
|
| security_alert@emc.com | 6.7 | 1.2 | 5.5 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H
|
CWE-269 Improper Privilege Management
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.