← Back to CVEs
CVE-2021-21601
HIGH8.8
Description
Dell EMC Data Protection Search, 19.4 and prior, and IDPA, 2.6.1 and prior, contain an Information Exposure in Log File Vulnerability in CIS. A local low privileged attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with the privileges of the compromised account.
CVE Details
CVSS v3.1 Score8.8
SeverityHIGH
CVSS VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Attack VectorLOCAL
ComplexityLOW
Privileges RequiredLOW
User InteractionNONE
Published8/10/2021
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
dell:emc_data_protection_searchdell:emc_integrated_data_protection_appliance
Weaknesses (CWE)
CWE-532
References
https://www.dell.com/support/kbdoc/000189555(security_alert@emc.com)
https://www.dell.com/support/kbdoc/000189555(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.