Dell EMC Avamar Server version 19.4 contains a plain-text password storage vulnerability in AvInstaller. A local attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.
References
Link | Resource |
---|---|
https://security.gentoo.org/glsa/202210-09 | Third Party Advisory |
https://www.dell.com/support/kbdoc/000193369 | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: dell
Published: 2021-11-09T00:00:00
Updated: 2022-10-16T00:00:00
Reserved: 2021-07-08T00:00:00
Link: CVE-2021-36317
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-12-21T17:15:08.047
Modified: 2022-11-07T18:59:28.947
Link: CVE-2021-36317
JSON object: View
Redhat Information
No data.