Lucene search

DellCVELIST:CVE-2021-21600

HistoryAug 10, 2021 - 7:05 p.m.

CVE-2021-21600

2021-08-1019:05:34

CWE-772

dell

www.cve.org

dell emc networker

api

vulnerability

older versions

denial of service

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

35.0%

JSON

Dell EMC NetWorker, 19.4 or older, contain an uncontrolled resource consumption flaw in its API service. An authorized API user could potentially exploit this vulnerability via the web and desktop user interfaces, leading to denial of service in the manageability path.

CNA Affected

[
  {
    "product": "NetWorker",
    "vendor": "Dell",
    "versions": [
      {
        "lessThan": "19.5",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

www.dell.com/support/kbdoc/000189694

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

35.0%

JSON

Related for CVELIST:CVE-2021-21600