CVE-2021-21570 MEDIUM

CVE-2021-21570

Vendor Dell

Product NetWorker

Weakness CWE-78

Published September 28, 2021

Last update September 17, 2024

View on NVD All CVEs

CVSS base score

6.8/10

Attack vector Network

Attack complexity Low

Privileges required High

User interaction None

Confidentiality High

Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

What the vulnerability does

01Description

Dell NetWorker, versions 18.x and 19.x contain an Information disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and gain access to unauthorized information.

Key dates

02Disclosure timeline

September 28, 2021 CVE published

September 17, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-21570

Related vulnerabilities

04Related CVE

CVE-2026-45578 WWBN AVideo Live: OS command injection in on_publish.php execAsync via unescaped m3u8 URL CVE-2024-1683 DLL Injection in Tenable Identity Exposure Secure Relay CVE-2024-43648 Authenticated command injection via <redacted>.exe <redacted> parameter CVE-2026-4591 kalcaddle kodbox fileThumb Endpoint app.php checkBin os command injection CVE-2026-4946 NSA Ghidra Auto-Analysis Annotation Command Execution