{"api_version":"1","generated_at":"2026-05-14T19:37:19+00:00","cve":"CVE-2021-36311","urls":{"html":"https://cve.report/CVE-2021-36311","api":"https://cve.report/api/cve/CVE-2021-36311.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-36311","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-36311"},"summary":{"title":"CVE-2021-36311","description":"Dell EMC Networker versions prior to 19.5 contain an Improper Authorization vulnerability. Any local malicious user with networker user privileges may exploit this vulnerability to upload malicious file to unauthorized locations and execute it.","state":"PUBLIC","assigner":"secure@dell.com","published_at":"2021-11-23 20:15:00","updated_at":"2022-04-25 18:08:00"},"problem_types":["NVD-CWE-Other"],"metrics":[],"references":[{"url":"https://www.dell.com/support/kbdoc/000192419","name":"N/A","refsource":"CONFIRM","tags":[],"title":"Access Denied","mime":"text/html","httpstatus":"403","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-36311","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36311","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2021","cve_id":"36311","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dell","cpe5":"emc_networker","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"secure@dell.com","DATE_PUBLIC":"2021-10-11","ID":"CVE-2021-36311","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"NetWorker","version":{"version_data":[{"version_affected":"<","version_value":"19.5"}]}}]},"vendor_name":"Dell"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Dell EMC Networker versions prior to 19.5 contain an Improper Authorization vulnerability. Any local malicious user with networker user privileges may exploit this vulnerability to upload malicious file to unauthorized locations and execute it."}]},"impact":{"cvss":{"baseScore":6,"baseSeverity":"Medium","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-285: Improper Authorization"}]}]},"references":{"reference_data":[{"refsource":"MISC","url":"https://www.dell.com/support/kbdoc/000192419","name":"https://www.dell.com/support/kbdoc/000192419"}]}},"nvd":{"publishedDate":"2021-11-23 20:15:00","lastModifiedDate":"2022-04-25 18:08:00","problem_types":["NVD-CWE-Other"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL","baseScore":4.6},"severity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:dell:emc_networker:*:*:*:*:*:*:*:*","versionEndExcluding":"19.5.0.0","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"36311","Ordinal":"211855","Title":"CVE-2021-36311","CVE":"CVE-2021-36311","Year":"2021"},"notes":[{"CveYear":"2021","CveId":"36311","Ordinal":"1","NoteData":"Dell EMC Networker versions prior to 19.5 contain an Improper Authorization vulnerability. Any local malicious user with networker user privileges may exploit this vulnerability to upload malicious file to unauthorized locations and execute it.","Type":"Description","Title":null},{"CveYear":"2021","CveId":"36311","Ordinal":"2","NoteData":"2021-11-23","Type":"Other","Title":"Published"},{"CveYear":"2021","CveId":"36311","Ordinal":"3","NoteData":"2021-11-23","Type":"Other","Title":"Modified"}]}}}