Cloud Defense Logo

Products

Solutions

Company

Book A Live Demo

CVE-2021-21558 : Security Advisory and Response

Get insights into CVE-2021-21558 impacting Dell EMC NetWorker versions 18.x to 19.4.0.1. Learn about the severity, impact, affected systems, and mitigation steps.

This CVE-2021-21558 article provides details about an Information Disclosure vulnerability found in Dell EMC NetWorker versions, affecting confidentiality and integrity.

Understanding CVE-2021-21558

This section delves into the specifics of the CVE-2021-21558 vulnerability affecting Dell's NetWorker software.

What is CVE-2021-21558?

CVE-2021-21558 is an Information Disclosure vulnerability found in Dell EMC NetWorker versions 18.x to 19.4.0.1. This vulnerability allows a local administrator to potentially access LDAP credentials from logs, enabling unauthorized changes within the network domain.

The Impact of CVE-2021-21558

The vulnerability's CVSS v3.1 base score of 8.2 (High) indicates a significant impact, affecting confidentiality, integrity, and availability due to the exposure of sensitive LDAP credentials.

Technical Details of CVE-2021-21558

This section outlines the technical aspects of the CVE-2021-21558 vulnerability.

Vulnerability Description

The vulnerability in Dell EMC NetWorker allows a local administrator to extract LDAP credentials from system logs, leading to unauthorized network domain modifications.

Affected Systems and Versions

Dell EMC NetWorker versions 18.x, 19.1.x, 19.2.x, 19.3.x, and up to 19.4.0.1 are affected by CVE-2021-21558.

Exploitation Mechanism

Exploiting this vulnerability requires local access to the gstd system, enabling threat actors to misuse stolen LDAP credentials for network domain alterations.

Mitigation and Prevention

Learn how to safeguard your systems against CVE-2021-21558 and prevent potential exploitation.

Immediate Steps to Take

Immediate mitigation steps involve applying security patches and restricting local access to prevent unauthorized network changes.

Long-Term Security Practices

Implementing robust access controls, regular log monitoring, and security training can enhance long-term security posture.

Patching and Updates

Regularly update Dell EMC NetWorker to versions beyond 19.4.0.1 to mitigate the CVE-2021-21558 vulnerability.

Popular CVEs

CVE Id

Published Date

Is your System Free of Underlying Vulnerabilities?
Find Out Now