1 results (0.001 seconds)
CVSS: 9.1EPSS: 0%CPEs: 4EXPL: 0
CVSS: 9.1EPSS: 0%CPEs: 4EXPL: 0CVE-2014-4624 – EMC Avamar Sensitive Information Disclosure
https://notcve.org/view.php?id=CVE-2014-4624
24 Oct 2014 — EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) 6.x and 7.0.x through 7.0.2-43 do not require authentication for Java API calls, which allows remote attackers to discover grid MCUser and GSAN passwords via a crafted call. EMC Avamar Data Store (ADS) y Avamar Virtual Edition (AVE) 6.x y 7.0.x hasta 7.0.2-43 no requieren autenticación para llamadas a la API Java, lo que permite a atacantes remotos descubrir las contraseñas de grid MCUser y GSAN a través de una llamada manipulada. EMC Avamar serve... • http://archives.neohapsis.com/archives/bugtraq/2014-10/0147.html • CWE-264: Permissions, Privileges, and Access Controls •