CVSS: 7.2EPSS: 0%CPEs: 14EXPL: 0CVE-2012-2291
https://notcve.org/view.php?id=CVE-2012-2291
EMC Avamar Client 4.x, 5.x, and 6.x on HP-UX and Mac OS X, and the EMC Avamar plugin 4.x, 5.x, and 6.x for Oracle, uses world-writable permissions for cache directories, which allows local users to gain privileges via an unspecified symlink attack. EMC Avamar Client v4.x, v5.x y 6.x en HP-UX y Mac OS X, y el complemento EMC Avamar v4.x, v5.x, y x6.x para Oracle, usa permisos de escritura globales para directorios cache, lo que permite a usuarios locales ibtener privilegios a través de ataque simbólico sin especificar • http://archives.neohapsis.com/archives/bugtraq/2013-01/0086.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.7EPSS: 0%CPEs: 8EXPL: 0CVE-2011-1740
https://notcve.org/view.php?id=CVE-2011-1740
EMC Avamar 4.x, 5.0.x, and 6.0.x before 6.0.0-592 allows remote authenticated users to modify client data or obtain sensitive information about product activities by leveraging privileged access to a different domain. EMC Avamar v4.x, v5.0.x, y v6.0.x antes de v6.0.0-592 permite modificar los datos del cliente a usuarios remotos autenticados para obtener información confidencial sobre las actividades del producto, aprovechando el acceso privilegiado a un dominio diferente. • http://archives.neohapsis.com/archives/bugtraq/2011-09/0076.html http://secunia.com/advisories/45988 http://secunia.com/advisories/46002 http://securitytracker.com/id?1026035 https://exchange.xforce.ibmcloud.com/vulnerabilities/69760 • CWE-264: Permissions, Privileges, and Access Controls •