Rewterz Threat Advisory – Scripting Engine Memory Corruption Vulnerability
June 14, 2021Rewterz Threat Alert – DanaBot Trojan – Active IOCs
June 14, 2021Rewterz Threat Advisory – Scripting Engine Memory Corruption Vulnerability
June 14, 2021Rewterz Threat Alert – DanaBot Trojan – Active IOCs
June 14, 2021Severity
Medium
Analysis Summary
CVE-2021-21569
Dell NetWorker, versions 18.x and 19.x contain a Path traversal vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and gain access to unauthorized information.
CVE-2021-21570
Dell NetWorker, versions 18.x and 19.x contain an Information disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and gain access to unauthorized information.
Impact
- Unauthorized Access
- Information Theft
Affected Vendors
Dell
Affected Products
- Dell Technologies NetWorker 18.x
- Dell Technologies NetWorker 19.1x
- Dell Technologies NetWorker 19.2x
- Dell Technologies 19.3x
- Dell Technologies 19.4.0.2x
Remediation
For the complete list of affected products and mitigation techniques refer to the vendor website at