CVSS: 8.4EPSS: 0%CPEs: 2EXPL: 0CVE-2016-0909 – EMC ADS / AVE 7.3.0 Privilege Escalation
https://notcve.org/view.php?id=CVE-2016-0909
20 Oct 2016 — EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) versions 7.3 and older contain a vulnerability that may expose the Avamar servers to potentially be compromised by malicious users. EMC Avamar Data Store (ADS) y Avamar Virtual Edition (AVE) en versiones 7.3 y versiones anteriores contienen una vulnerabilidad que podría exponer a los servidores Avamar a ser potencialmente comprometidos por usuarios maliciosos. • http://www.securityfocus.com/archive/1/539613 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2015-4527 – EMC Avamar Directory Traversal
https://notcve.org/view.php?id=CVE-2015-4527
22 Jul 2015 — Directory traversal vulnerability in EMC Avamar Server 7.x before 7.1.2 and Avamar Virtual Addition (AVE) 7.x before 7.1.2 allows remote attackers to read arbitrary files by using the Avamar Desktop/Laptop client interface to send crafted parameters. Vulnerabilidad de salto de directorio en EMC Avamar Server 7.x anterior a 7.1.2 y Avamar Virtual Addition (AVE) 7.x anterior a 7.1.2, permite a atacantes remotos leer archivos arbitrarios por medio de la interfaz de cliente Avamar Desktop/Laptop para enviar par... • http://seclists.org/bugtraq/2015/Jul/110 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •