CVE-2021-36317

MEDIUM Year: 2021
CVSS v3 Score
6.7
Medium
CVSS v2 Score
2.1
Low
Weakness Type
CWE-256
View all →

Vulnerability Description

Dell EMC Avamar Server version 19.4 contains a plain-text password storage vulnerability in AvInstaller. A local attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

Related Vulnerabilities

CVE-2022-29085

MEDIUM
CVSS:6.7(Medium)

Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 5.2.0.0.5.173 contain a plain-text password storage vulnerability when certain off-array tools are run on the system. The credentials of ...

CWE-2562022

CVE-2024-53292

MEDIUM
CVSS:6.7(Medium)

Dell VxVerify, versions prior to x.40.405, contain a Plain-text Password Storage Vulnerability in the shell wrapper. A local high privileged attacker could potentially exploit this vulnerability, lead...

CWE-2562024

CVE-2019-0032

MEDIUM
CVSS:6.5(Medium)

A password management issue exists where the Organization authentication username and password were stored in plaintext in log files. A locally authenticated attacker who is able to access these store...

CWE-2562019

CVE-2021-1589

MEDIUM
CVSS:6.5(Medium)

A vulnerability in the disaster recovery feature of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain unauthorized access to user credentials. This vulnerability exis...

CWE-2562021

CVE-2021-36309

MEDIUM
CVSS:6.5(Medium)

Dell Enterprise SONiC OS, versions 3.3.0 and earlier, contains a sensitive information disclosure vulnerability. An authenticated malicious user with access to the system may use the TACACS\Radius cre...

CWE-2562021

CVE-2022-22458

MEDIUM
CVSS:6.5(Medium)

IBM Security Verify Governance, Identity Manager 10.0.1 stores user credentials in plain clear text which can be read by a remote authenticated user. IBM X-Force ID: 225009.

CWE-2562022