CVE-2013-3274
Severity Score
9.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platforms do not properly determine authorization for calls to Java RMI methods, which allows remote authenticated users to execute arbitrary code via unspecified vectors.
EMC Avamar Server y Avamar Virtual Edition anterior a v7.0 en plataformas Data Store Gen3, Gen4, y Gen4s no determina correctamente la autorización para llamadas a métodos Java RMI, lo que permite a usuarios remotos autenticados ejecutar código arbitrario mediante vectores no especificados.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2013-04-26 CVE Reserved
- 2013-07-18 CVE Published
- 2024-09-17 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2013-07/0114.html | Mailing List |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Emc Search vendor "Emc" | Avamar Server Search vendor "Emc" for product "Avamar Server" | <= 6.1 Search vendor "Emc" for product "Avamar Server" and version " <= 6.1" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Avamar Server Search vendor "Emc" for product "Avamar Server" | 4.0 Search vendor "Emc" for product "Avamar Server" and version "4.0" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Avamar Server Search vendor "Emc" for product "Avamar Server" | 4.1 Search vendor "Emc" for product "Avamar Server" and version "4.1" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Avamar Server Search vendor "Emc" for product "Avamar Server" | 5.0 Search vendor "Emc" for product "Avamar Server" and version "5.0" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Avamar Server Search vendor "Emc" for product "Avamar Server" | 6.0 Search vendor "Emc" for product "Avamar Server" and version "6.0" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Avamar Server Virtual Edition Search vendor "Emc" for product "Avamar Server Virtual Edition" | <= 6.1 Search vendor "Emc" for product "Avamar Server Virtual Edition" and version " <= 6.1" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Avamar Server Virtual Edition Search vendor "Emc" for product "Avamar Server Virtual Edition" | 4.0 Search vendor "Emc" for product "Avamar Server Virtual Edition" and version "4.0" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Avamar Server Virtual Edition Search vendor "Emc" for product "Avamar Server Virtual Edition" | 4.1 Search vendor "Emc" for product "Avamar Server Virtual Edition" and version "4.1" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Avamar Server Virtual Edition Search vendor "Emc" for product "Avamar Server Virtual Edition" | 5.0 Search vendor "Emc" for product "Avamar Server Virtual Edition" and version "5.0" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Avamar Server Virtual Edition Search vendor "Emc" for product "Avamar Server Virtual Edition" | 6.0 Search vendor "Emc" for product "Avamar Server Virtual Edition" and version "6.0" | - |
Affected
| ||||||