CVE-2021-21512 HIGH

CVE-2021-21512

Vendor Dell

Product Cyber Recovery

Weakness CWE-200 · Info exposure

Published February 19, 2021

Last update September 17, 2024

View on NVD All CVEs

CVSS base score

7.9/10

Attack vector Local

Attack complexity Low

Privileges required High

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N

What the vulnerability does

01Description

Dell EMC PowerProtect Cyber Recovery, version 19.7.0.1, contains an Information Disclosure vulnerability. A locally authenticated high privileged Cyber Recovery user may potentially exploit this vulnerability leading to the takeover of the notification email account.

Key dates

02Disclosure timeline

February 19, 2021 CVE published

September 17, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-21512

Related vulnerabilities

CVE-2021-21512

01Description

02Disclosure timeline

03References

04Related CVE