PT-2021-14643 · Dell Emc · Dell Emc Networker

Published

2021-08-10

Updated

2021-08-18

CVE-2021-21600

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Dell EMC NetWorker versions 19.4 or older

Description The issue is related to an uncontrolled resource consumption flaw in the API service of Dell EMC NetWorker. This could be exploited by an authorized API user via the web and desktop user interfaces, potentially leading to denial of service in the manageability path.

Recommendations For versions 19.4 or older, consider restricting access to the API service as a temporary workaround until a patch is available. Additionally, limiting the use of the web and desktop user interfaces may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Missing Release of Resource after Effective Lifetime

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-772

Related Identifiers

CVE-2021-21600

Affected Products

Dell Emc Networker

PT-2021-14643 · Dell Emc · Dell Emc Networker

CVE-2021-21600

Weakness Enumeration

Related Identifiers

Affected Products

References · 5