NotCVE - vendor:"Dell" product:"Emc Avamar" version:"7.5.1"

6 results (0.020 seconds)

CVSS: 10.0EPSS: 0%CPEs: 13EXPL: 0

CVE-2020-5341

https://notcve.org/view.php?id=CVE-2020-5341

Deserialization of Untrusted Data Vulnerability Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2, 19.1 and 19.2 and Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 and 2.4.1 contain a Deserialization of Untrusted Data Vulnerability. A remote unauthenticated attacker could exploit this vulnerability to send a serialized payload that would execute code on the system. Vulnerabilidad de deserialización de datos no confiables Las versiones 7.4.1, 7.5.0, 7.5.1, 18.2, 19.1 y 19.2 de Dell EMC Avamar Server y las versiones 2.0, 2.1, 2.2, 2.3, 2.4 y 2.4.1 de Dell EMC Integrated Data Protection Appliance contienen una vulnerabilidad de deserialización de datos no confiables. Un atacante remoto no autenticado podría aprovechar esta vulnerabilidad para enviar una carga útil serializada que ejecutaría código en el sistema. • https://www.dell.com/support/security/en-us/details/541677/DSA-2020-057-Dell-EMC-Avamar-Server-Deserialization-of-Untrusted-Data-Vulnerability • CWE-502: Deserialization of Untrusted Data •

CVSS: 8.2EPSS: 0%CPEs: 10EXPL: 0

CVE-2019-3752

https://notcve.org/view.php?id=CVE-2019-3752

Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1, 2.2, 2.3 and 2.4. contain an XML External Entity(XXE) Injection vulnerability. A remote unauthenticated malicious user could potentially exploit this vulnerability to cause Denial of Service or information exposure by supplying specially crafted document type definitions (DTDs) in an XML request. Dell EMC Avamar Server versiones 7.4.1, 7.5.0, 7.5.1, 18.2 y 19.1 de y Dell EMC Integrated Data Protection Appliance (IDPA) versiones 2.0, 2.1, 2.2, 2.3 y 2.4, contienen una vulnerabilidad de tipo XML External Entity(XXE). Un usuario remoto malicioso no autenticado podría potencialmente explotar esta vulnerabilidad para causar una Denegación de Servicio o la exposición de información al suministrar definiciones de tipo de documento (DTD) especialmente diseñadas en una petición XML • https://www.dell.com/support/security/en-us/details/537853/DSA-2019-119-Dell-EMC-Avamar-XML-External-Entity-Injection-Vulnerability • CWE-611: Improper Restriction of XML External Entity Reference •

CVSS: 8.1EPSS: 0%CPEs: 6EXPL: 0

CVE-2019-3765

https://notcve.org/view.php?id=CVE-2019-3765

Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1, 2.2, 2.3 and 2.4 contain an Incorrect Permission Assignment for Critical Resource vulnerability. A remote authenticated malicious user potentially could exploit this vulnerability to view or modify sensitive backup data. This could be used to make backups corrupt or potentially to trick a user into restoring a backup with malicious files in place. Dell EMC Avamar Server versiones 7.4.1, 7.5.0, 7.5.1, 18.2 y 19.1 y Dell EMC Integrated Data Protection Appliance (IDPA) versiones 2.0, 2.1, 2.2, 2.3 y 2.4, contienen una Asignación de Permisos Incorrecta para una vulnerabilidad de Recursos Críticos. Un usuario malicioso autenticado remoto podría explotar esta vulnerabilidad para visualizar o modificar datos confidenciales de respaldo. • https://www.dell.com/support/security/en-us/details/537649/DSA-2019-138-Dell-EMC-Avamar-Incorrect-Permission-Assignment-for-Critical-Resource-Vulnerability • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 10.0EPSS: 1%CPEs: 31EXPL: 0

CVE-2018-11066 – Dell EMC Avamar and Integrated Data Protection Appliance Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2018-11066

Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 contain a Remote Code Execution vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to execute arbitrary commands on the server. Dell EMC Avamar Client Manager, en las versiones 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1 y 18.1 de Dell EMC Avamar Server y las 2.0, 2.1 y 2.2 de Dell EMC Integrated Data Protection Appliance (IDPA) tienen una vulnerabilidad de ejecución remota de código. Un atacante remoto no autenticado podría explotar esta vulnerabilidad para ejecutar comandos arbitrarios en el servidor. • http://www.securityfocus.com/bid/105968 http://www.securitytracker.com/id/1042153 https://seclists.org/fulldisclosure/2018/Nov/49 https://www.vmware.com/security/advisories/VMSA-2018-0029.html •

CVSS: 6.1EPSS: 0%CPEs: 31EXPL: 0

CVE-2018-11067 – Dell EMC Avamar and Integrated Data Protection Appliance Open Redirection Vulnerability

https://notcve.org/view.php?id=CVE-2018-11067

Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 contain an open redirection vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to redirect application users to arbitrary web URLs by tricking the victim users to click on maliciously crafted links. The vulnerability could be used to conduct phishing attacks that cause users to unknowingly visit malicious sites. Dell EMC Avamar Client Manager, en las versiones 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1 y 18.1 de Dell EMC Avamar Server y las 2.0, 2.1 y 2.2 de Dell EMC Integrated Data Protection Appliance (IDPA) tienen una vulnerabilidad de redirección abierta. Un atacante remoto no autenticado podría explotar esta vulnerabilidad para redirigir los usuarios de la aplicación a URL de páginas web arbitrarias, engañándolos para que hagan clic en enlaces maliciosamente manipulados. • http://www.securityfocus.com/bid/105969 http://www.securitytracker.com/id/1042153 https://seclists.org/fulldisclosure/2018/Nov/49 https://www.vmware.com/security/advisories/VMSA-2018-0029.html • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •

1 2