CVE-2021-36318

CVSS v3.1

6.7

Medium

Vector

AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Dell EMC Avamar versions 18.2, 19.1, 19.2, 19.3, 19.4

Description The issue is related to plain-text password storage. A high privileged user could potentially exploit this, leading to a complete outage.

Recommendations For versions 18.2, 19.1, 19.2, 19.3, 19.4, consider changing the storage of passwords to a more secure method to mitigate the risk of exploitation. As a temporary workaround, restrict access to high privileged users until a more secure password storage solution is implemented.

Fix

Insertion into Log File

Insufficiently Protected Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-532CWE-522

Related Identifiers

CVE-2021-36318

Affected Products

Dell Emc Avamar

CVE-2021-36318

Weakness Enumeration

Related Identifiers

Affected Products

References · 6