CVE-2021-36316
Severity Score
7.2
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Dell EMC Avamar Server versions 18.2, 19.1, 19.2, 19.3, and 19.4 contain an improper privilege management vulnerability in AUI. A malicious user with high privileges could potentially exploit this vulnerability, leading to the disclosure of the AUI info and performing some unauthorized operation on the AUI.
Dell EMC Avamar Server versiones 18.2, 19.1, 19.2, 19.3 y 19.4, contienen una vulnerabilidad de administración de privilegios inapropiada en AUI. Un usuario malicioso con altos privilegios podría explotar esta vulnerabilidad, conllevando a una divulgación de la información de AUI y la realización de alguna operación no autorizada en el AUI
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-07-08 CVE Reserved
- 2021-12-21 CVE Published
- 2023-07-14 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-269: Improper Privilege Management
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.dell.com/support/kbdoc/000193369 | 2022-01-05 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Dell Search vendor "Dell" | Emc Avamar Server Search vendor "Dell" for product "Emc Avamar Server" | 18.2 Search vendor "Dell" for product "Emc Avamar Server" and version "18.2" | - |
Affected
| ||||||
| Dell Search vendor "Dell" | Emc Avamar Server Search vendor "Dell" for product "Emc Avamar Server" | 19.1 Search vendor "Dell" for product "Emc Avamar Server" and version "19.1" | - |
Affected
| ||||||
| Dell Search vendor "Dell" | Emc Avamar Server Search vendor "Dell" for product "Emc Avamar Server" | 19.2 Search vendor "Dell" for product "Emc Avamar Server" and version "19.2" | - |
Affected
| ||||||
| Dell Search vendor "Dell" | Emc Avamar Server Search vendor "Dell" for product "Emc Avamar Server" | 19.3 Search vendor "Dell" for product "Emc Avamar Server" and version "19.3" | - |
Affected
| ||||||
| Dell Search vendor "Dell" | Emc Avamar Server Search vendor "Dell" for product "Emc Avamar Server" | 19.4 Search vendor "Dell" for product "Emc Avamar Server" and version "19.4" | - |
Affected
| ||||||