CVE-2021-21558
First published: Thu May 13 2021(Updated: )
Dell EMC NetWorker, 18.x, 19.1.x, 19.2.x 19.3.x, 19.4 and 19.4.0.1, contains an Information Disclosure vulnerability. A local administrator of the gstd system may potentially exploit this vulnerability to read LDAP credentials from local logs and use the stolen credentials to make changes to the network domain.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dell EMC NetWorker | >=18.1.0.1<19.4.0.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2021-21558?
CVE-2021-21558 has been classified as a high-severity information disclosure vulnerability.
How do I fix CVE-2021-21558?
To remediate CVE-2021-21558, users should update to Dell EMC NetWorker version 19.4.0.2 or later.
Who is affected by CVE-2021-21558?
CVE-2021-21558 affects local administrators of Dell EMC NetWorker versions 18.x and 19.x up to 19.4.0.1.
What does CVE-2021-21558 exploit?
CVE-2021-21558 can be exploited to read sensitive LDAP credentials from local logs.
What impact does CVE-2021-21558 have?
The impact of CVE-2021-21558 could allow an attacker to make unauthorized changes to the system using stolen LDAP credentials.
- agent/softwarecombine
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/severity
- agent/remedy
- agent/weakness
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/dell
- canonical/dell emc networker
- version/dell emc networker/18.1.0.1