Request a Demo
Rewterz
Rewterz Threat Advisory – CVE-2021-4088 – McAfee Data Loss Protection ePO extension Vulnerability
January 26, 2022
Rewterz
Rewterz Threat Advisory – CVE-2021-39031 – IBM WebSphere Application Server Vulnerability
January 26, 2022

Rewterz Threat Advisory – Multiple Dell EMC Data Protection Central Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2021-43588 

Dell EMC Data Protection Central is vulnerable to a denial of service, caused by an improper input validation vulnerability. By sending a specially-crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.

CVE-2021-36349 

Dell EMC Data Protection Central is vulnerable to server-side request forgery, caused by a flaw in the DPC DNS client processing. By sending a specially-crafted request, a remote authenticated attacker could exploit this vulnerability to perform port scanning of external hosts.

Impact

  • Denial of Service
  • Unauthorized Access

Affected Vendors

Dell

Affected Products

  • Dell EMC Data Protection Central 19.5

Remediation

Refer to Dell Advisory for patch, upgrade or suggested workaround information.

https://www.dell.com/support/kbdoc/en-us/000195103/dsa-2021-262-dell-emc-data-protection-central-security-update-for-multiple-security-vulnerabilities