virus logo FortiClient Vulnerability

Denial of Service, Improper Certificate Validation, and Information Disclosure Vulnerabilities for Dell EMC NetWorker

description-logoDescription

Dell EMC NetWorker, between 18.x and 19.4 may contain an uncontrolled resource consumption flaw in its API service. An authorized API user could potentially exploit this vulnerability via the web and desktop user interfaces, leading to denial of service in the manageability path. There are also improper certifcate validation vulnerability which uses SSL encrypted connection, and an unauthenticated attacker in the same network can perform man-in-the-middle attacks. An information disclosure vulnerability which may lead to stolen credentials.

affected-products-logoAffected Applications

EMC NetWorker

CVE References

CVE-2021-21600 CVE-2021-21559 CVE-2021-21558 CVE-2021-21546

Other References

https://www.dell.com/support/home/en-us/product-support/product/networker/advisories
ID 2442
Created Jan 12, 2022
Description
Updated		 Jan 12, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
Vendor Dell
Patch manual
Application EMC NetWorker