CVE-2020-26182

Name of the Vulnerable Software and Affected Versions Dell EMC NetWorker versions prior to 19.3.0.2

Description The issue concerns an incorrect privilege assignment, allowing a non-LDAP remote user with low privileges to perform 'saveset' related operations in an unintended manner. This vulnerability does not affect users authenticated via LDAP.

Recommendations For versions prior to 19.3.0.2, update to version 19.3.0.2 or later to resolve the issue. As a temporary workaround, consider restricting access to 'saveset' related operations for non-LDAP remote users with low privileges until the update is applied.