CVE-2020-26182

Dell EMC NetWorker versions prior to 19.3.0.2 contain an incorrect privilege assignment vulnerability. A non-LDAP remote user with low privileges may exploit this vulnerability to perform 'saveset' related operations in an unintended manner. The vulnerability is not exploitable by users authenticated via LDAP.
Configurations

Configuration 1 (hide)

cpe:2.3:a:dell:emc_networker:*:*:*:*:*:*:*:*

History

21 Nov 2024, 05:19

Type Values Removed Values Added
References () https://www.dell.com/support/security/en-us/details/546616/DSA-2020-229-Dell-EMC-NetWorker-Multiple-Security-Vulnerabilities - Vendor Advisory () https://www.dell.com/support/security/en-us/details/546616/DSA-2020-229-Dell-EMC-NetWorker-Multiple-Security-Vulnerabilities - Vendor Advisory
CVSS v2 : 4.0
v3 : 6.5
v2 : 4.0
v3 : 6.8

Information

Published : 2020-10-16 18:15

Updated : 2024-11-21 05:19


NVD link : CVE-2020-26182

Mitre link : CVE-2020-26182

CVE.ORG link : CVE-2020-26182


JSON object : View

Products Affected

dell

  • emc_networker
CWE
CWE-266

Incorrect Privilege Assignment

CWE-552

Files or Directories Accessible to External Parties