CVE-2025-21103 HIGH

CVE-2025-21103

Vendor Dell
Product NetWorker Management Console
Weakness CWE-97
Published February 17, 2025
Last update February 18, 2025

CVSS base score

7.8/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Dell NetWorker Management Console, version(s) 19.11 through 19.11.0.3 & Versions prior to 19.10.0.7 contain(s) an improper neutralization of server-side vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability and run arbitrary code on the server.

Key dates

02Disclosure timeline

February 17, 2025 CVE published
February 18, 2025 Record updated