Artikelnummer: 000189694
Medium
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2021-21600 | Dell NetWorker 19.4 or earlier contains an uncontrolled resource consumption flaw in its API service. An authorized API user may potentially exploit this vulnerability using the web and desktop user interfaces, leading to denial of service in the manageability path. | 6.5 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
| Third-Party Component | CVEs | More Information |
| OpenSSL | CVE-2020-1971 | See NVD (http://nvd.nist.gov/) for individual scores for each CVE. |
| Apache Tomcat | CVE-2020-1935 | |
| CVE-2021-24122 |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2021-21600 | Dell NetWorker 19.4 or earlier contains an uncontrolled resource consumption flaw in its API service. An authorized API user may potentially exploit this vulnerability using the web and desktop user interfaces, leading to denial of service in the manageability path. | 6.5 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
| Third-Party Component | CVEs | More Information |
| OpenSSL | CVE-2020-1971 | See NVD (http://nvd.nist.gov/) for individual scores for each CVE. |
| Apache Tomcat | CVE-2020-1935 | |
| CVE-2021-24122 |
| CVEs Addressed | Product | Affected Versions | Updated Versions | Link to Update |
| CVE-2021-21600 | Dell EMC NetWorker | 18.x, 19.1.x, 19.2.x 19.3.x, and 19.4.x prior to 19.4.0.4. |
|
https://www.dell.com/support/home/en-in/product-support/product/networker/drivers |
| CVE-2020-1971 | 18.x, 19.1.x, 19.2.x 19.3.x, and 19.4.x. | 19.5.0 and later. | ||
| CVE-2020-1935 | ||||
| CVE-2021-24122 |
| CVEs Addressed | Product | Affected Versions | Updated Versions | Link to Update |
| CVE-2021-21600 | Dell EMC NetWorker | 18.x, 19.1.x, 19.2.x 19.3.x, and 19.4.x prior to 19.4.0.4. |
|
https://www.dell.com/support/home/en-in/product-support/product/networker/drivers |
| CVE-2020-1971 | 18.x, 19.1.x, 19.2.x 19.3.x, and 19.4.x. | 19.5.0 and later. | ||
| CVE-2020-1935 | ||||
| CVE-2021-24122 |
CVE-2021-21600: Dell Technologies would like to thank J-M Roth for reporting this issue.
| Revision | Date | Description |
| 1.0 | 2021-07-20 | Initial Release |
| 1.1 | 2021-09-02 | Updated "Affected Products and Remediation" Section |
Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide
NetWorker, Product Security Information
02 sep 2021
2
Dell Security Advisory