CVE-2021-36311
First published: Mon Oct 11 2021(Updated: )
Dell EMC Networker versions prior to 19.5 contain an Improper Authorization vulnerability. Any local malicious user with networker user privileges may exploit this vulnerability to upload malicious file to unauthorized locations and execute it.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dell EMC NetWorker | <19.5.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2021-36311?
CVE-2021-36311 is classified as a critical vulnerability due to improper authorization allowing local attackers to upload malicious files.
How do I fix CVE-2021-36311?
To fix CVE-2021-36311, update Dell EMC Networker to version 19.5 or later.
Who is affected by CVE-2021-36311?
CVE-2021-36311 affects users of Dell EMC Networker versions prior to 19.5 with local networker user privileges.
What kind of exploit can be executed with CVE-2021-36311?
An attacker can exploit CVE-2021-36311 to upload malicious files to unauthorized locations and execute them.
Is there any workaround for CVE-2021-36311?
No official workaround is provided for CVE-2021-36311; the only mitigation is to upgrade to the latest version.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/weakness
- agent/author
- agent/severity
- agent/last-modified-date
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/dell
- canonical/dell emc networker