Vulnerability DatabaseCVE-2021-36318

CVE-2021-36318:
Linux Gentoo vulnerability analysis and mitigation

Overview

Dell EMC Avamar versions 18.2, 19.1, 19.2, 19.3, and 19.4 contain a plain-text password storage vulnerability identified as CVE-2021-36318. The vulnerability was disclosed in July 2021 and affects multiple Dell EMC products including Avamar Server, PowerProtect Data Protection Appliance (IDPA), and related systems running on SUSE Linux Enterprise (Dell Advisory).

Technical details

The vulnerability is classified as a plain-text password storage vulnerability with a CVSS Base Score of 6.7 (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). The vulnerability requires high privileges for exploitation and has local access vector requirements (Dell Advisory).

Impact

If exploited, this vulnerability could lead to a complete outage of the affected system. The high privileged user could potentially exploit this vulnerability to gain unauthorized access to stored credentials and system information (Dell Advisory).

Mitigation and workarounds

Dell has released security updates to address this vulnerability. Users are advised to upgrade to the latest versions: 18.2.x, 19.1.x, 19.2.x, 19.3.x, or 19.4.x with the OS rollup 2021-R2 or the latest OS rollup. Installation instructions are available in KB article 69982 for applying the hotfix (Dell Advisory).

Additional resources

Source: This report was generated using AI

Related Linux Gentoo vulnerabilities:

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-13470	HIGH	7.7	Linux Debian	rnp	No	Yes	Nov 21, 2025
CVE-2025-65018	HIGH	7.1	NixOS	libpng-devel	No	Yes	Nov 25, 2025
CVE-2025-64720	HIGH	7.1	NixOS	libpng16-16-x86-64-v3	No	Yes	Nov 25, 2025
CVE-2025-64506	MEDIUM	6.1	NixOS	libpng-debuginfo	No	Yes	Nov 25, 2025
CVE-2025-64505	MEDIUM	6.1	NixOS	java-1.8.0-openjdk-javadoc	No	Yes	Nov 25, 2025