Home

Description

Dell Avamar, version 19.4 or later, contains an access token reuse vulnerability in the AUI. A low privileged local attacker could potentially exploit this vulnerability, leading to fully impersonating the user.

PUBLISHED Reserved 2024-11-23 | Published 2025-02-05 | Updated 2025-02-12 | Assigner dell




MEDIUM: 6.6CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

Problem types

CWE-672: Operation on a Resource after Expiration or Release

Product status

Default status
unaffected

19.4
affected

19.7
affected

19.8
affected

19.9
affected

19.10
affected

19.10 SP1
affected

References

www.dell.com/...vamar-for-multiple-component-vulnerabilities vendor-advisory

cve.org (CVE-2025-21117)

nvd.nist.gov (CVE-2025-21117)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.