Vulnerability Description
Dell EMC Data Protection Search, 19.4 and prior, and IDPA, 2.6.1 and prior, contain an Information Exposure in Log File Vulnerability in CIS. A local low privileged attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with the privileges of the compromised account.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Emc Data Protection Search | < 19.5 |
| Dell | Emc Integrated Data Protection Appliance | < 2.7 |
Related Weaknesses (CWE)
References
- https://www.dell.com/support/kbdoc/000189555PatchVendor Advisory
- https://www.dell.com/support/kbdoc/000189555PatchVendor Advisory
FAQ
What is CVE-2021-21601?
CVE-2021-21601 is a vulnerability with a CVSS score of 8.8 (HIGH). Dell EMC Data Protection Search, 19.4 and prior, and IDPA, 2.6.1 and prior, contain an Information Exposure in Log File Vulnerability in CIS. A local low privileged attacker could potentially exploit ...
How severe is CVE-2021-21601?
CVE-2021-21601 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-21601?
Check the references section above for vendor advisories and patch information. Affected products include: Dell Emc Data Protection Search, Dell Emc Integrated Data Protection Appliance.