CVE-2021-36311

Published: Nov 23, 2021Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Dell EMC Networker versions prior to 19.5 contain an Improper Authorization vulnerability. Any local malicious user with networker user privileges may exploit this vulnerability to upload malicious file to unauthorized locations and execute it.

Affected (1)

Products: Dell: Emc Networker

Dell

1 product

Emc Networker

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Dell Emc Networker	Before 19.5.0.0

Related CWEs

CWE-285

Improper Authorization

The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

References (2)

https://www.dell.com/support/kbdoc/000192419

Source: security_alert@emc.com

PatchVendor Advisory

https://www.dell.com/support/kbdoc/000192419

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.