CVE-2025-21117

MEDIUM Year: 2025
CVSS v3 Score
5.5
Medium
Weakness Type
CWE-672
View all →

Vulnerability Description

Dell Avamar, version 19.4 or later, contains an access token reuse vulnerability in the AUI. A low privileged local attacker could potentially exploit this vulnerability, leading to fully impersonating the user.

Related Vulnerabilities

CVE-2024-4693

MEDIUM
CVSS:5.5(Medium)

A flaw was found in the QEMU Virtio PCI Bindings (hw/virtio/virtio-pci.c). An improper release and use of the irqfd for vector 0 during the boot process leads to a guest triggerable crash via vhost_ne...

CWE-6722024

CVE-2024-49953

MEDIUM
CVSS:5.5(Medium)

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice The km.state is not checked in driver's delayed work. When xfrm_s...

CWE-6722024

CVE-2024-49955

MEDIUM
CVSS:5.5(Medium)

In the Linux kernel, the following vulnerability has been resolved: ACPI: battery: Fix possible crash when unregistering a battery hook When a battery hook returns an error when adding a new battery, ...

CWE-6722024

CVE-2024-56674

MEDIUM
CVSS:5.5(Medium)

In the Linux kernel, the following vulnerability has been resolved: virtio_net: correct netdev_tx_reset_queue() invocation point When virtnet_close is followed by virtnet_open, some TX completions can...

CWE-6722024

CVE-2022-22332

MEDIUM
CVSS:5.6(Medium)

IBM Sterling Partner Engagement Manager 6.2.0 could allow an attacker to impersonate another user due to missing revocation mechanism for the JWT token. IBM X-Force ID: 219131.

CWE-6722022

CVE-2021-42778

MEDIUM
CVSS:5.3(Medium)

A heap double free issue was found in Opensc before version 0.22.0 in sc_pkcs15_free_tokeninfo.

CWE-6722021