Описание
Dell EMC NetWorker versions prior to 19.3.0.2 contain an incorrect privilege assignment vulnerability. A non-LDAP remote user with low privileges may exploit this vulnerability to perform 'saveset' related operations in an unintended manner. The vulnerability is not exploitable by users authenticated via LDAP.
Уязвимые конфигурации
Конфигурация 1Версия до 19.3.0.2 (исключая)
cpe:2.3:a:dell:emc_networker:*:*:*:*:*:*:*:*
EPSS
Процентиль: 33%
0.00128
Низкий
6.8 Medium
CVSS3
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-266
CWE-552
Связанные уязвимости
github
больше 3 лет назад
Dell EMC NetWorker versions prior to 19.3.0.2 contain an incorrect privilege assignment vulnerability. A non-LDAP remote user with low privileges may exploit this vulnerability to perform 'saveset' related operations in an unintended manner. The vulnerability is not exploitable by users authenticated via LDAP.
EPSS
Процентиль: 33%
0.00128
Низкий
6.8 Medium
CVSS3
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-266
CWE-552