CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4610
https://notcve.org/view.php?id=CVE-2012-4610
EMC Avamar Client for VMware 6.1 stores the cleartext server root password on the proxy client, which might allow remote attackers to obtain sensitive information by leveraging "network access" to the proxy client. EMC Avamar Client para VMware v6.1 almacena la contraseña raiz del servidor en texto plano en el cliente proxy, lo que podría permitir a atacantes remotos, obtener información sensible mediante el aprovechamiento del "acceso a red" del cliente proxy. • http://www.securityfocus.com/archive/1/524532 http://www.securityfocus.com/bid/56317 https://exchange.xforce.ibmcloud.com/vulnerabilities/79661 • CWE-255: Credentials Management Errors •
CVSS: 7.7EPSS: 0%CPEs: 8EXPL: 0CVE-2011-1740
https://notcve.org/view.php?id=CVE-2011-1740
EMC Avamar 4.x, 5.0.x, and 6.0.x before 6.0.0-592 allows remote authenticated users to modify client data or obtain sensitive information about product activities by leveraging privileged access to a different domain. EMC Avamar v4.x, v5.0.x, y v6.0.x antes de v6.0.0-592 permite modificar los datos del cliente a usuarios remotos autenticados para obtener información confidencial sobre las actividades del producto, aprovechando el acceso privilegiado a un dominio diferente. • http://archives.neohapsis.com/archives/bugtraq/2011-09/0076.html http://secunia.com/advisories/45988 http://secunia.com/advisories/46002 http://securitytracker.com/id?1026035 https://exchange.xforce.ibmcloud.com/vulnerabilities/69760 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 3.5EPSS: 0%CPEs: 3EXPL: 0CVE-2011-0442
https://notcve.org/view.php?id=CVE-2011-0442
The service utility in EMC Avamar 5.x before 5.0.4 uses cleartext to transmit event details in (1) service requests and (2) e-mail messages, which might allow remote attackers to obtain sensitive information by sniffing the network. La utilidad de servicio en EMC Avamar v5.x anterior a v5.0.4 utiliza texto claro para transmitir los detalles del evento en una (1) petición de servicio y (2) mensajes de correo electrónico, lo que podría permitir a atacantes remotos obtener información sensible espiando la red . • http://secunia.com/advisories/43797 http://securityreason.com/securityalert/8139 http://www.securityfocus.com/archive/1/517022/100/0/threaded http://www.securityfocus.com/bid/46879 http://www.securitytracker.com/id?1025213 http://www.vupen.com/english/advisories/2011/0677 http://www.vupen.com/english/advisories/2011/0678 https://exchange.xforce.ibmcloud.com/vulnerabilities/66109 • CWE-310: Cryptographic Issues •
CVSS: 8.5EPSS: 0%CPEs: 3EXPL: 0CVE-2011-0648
https://notcve.org/view.php?id=CVE-2011-0648
Unspecified vulnerability in EMC Avamar before 5.0.4-30 allows remote authenticated users to gain privileges via unknown vectors. Vulnerabilidad no especificada en EMC Avamar anterior a v5.0.4-30 permite a usuarios remotos autenticados obtener privilegios a través de vectores desconocidos . • http://osvdb.org/71181 http://secunia.com/advisories/43749 http://securityreason.com/securityalert/8138 http://www.securityfocus.com/archive/1/517024/100/0/threaded http://www.securityfocus.com/bid/46874 https://exchange.xforce.ibmcloud.com/vulnerabilities/66108 •
CVSS: 7.1EPSS: 2%CPEs: 2EXPL: 0CVE-2010-1919
https://notcve.org/view.php?id=CVE-2010-1919
Unspecified vulnerability in EMC Avamar 4.1.x and 5.0 before SP1 allows remote attackers to cause a denial of service (gsan service hang) by sending a crafted message using TCP. Vulnerabilidad sin especificar en EMC Avamar v4.1.x y v5.0 anterior a SP1 permite a atacantes remotos provocar una denegación de servicio (servicio gsan colgado) enviando un mensaje manipulado utilizando TCP. • http://archives.neohapsis.com/archives/bugtraq/2010-05/0254.html http://secunia.com/advisories/39919 http://securitytracker.com/id?1024036 http://www.packetstormsecurity.org/1005-advisories/ESA-2010-007.txt http://www.securityfocus.com/bid/40390 http://www.vupen.com/english/advisories/2010/1253 •