An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote authenticated malicious user with low privileges could access arbitrary files on the server file system in the context of the running vulnerable application via Path traversal.
Se ha descubierto un problema en EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x y EMC Integrated Data Protection Appliance 2.0. Un usuario autenticado remoto malicioso con bajos privilegios podría acceder a archivos arbitrarios en el sistema de archivos del servidor en el contexto de la aplicación vulnerable en ejecución mediante un salto de directorio.
Multiple EMC products suffers from authentication bypass, file upload, and path traversal vulnerabilities. Affected includes EMC Avamar Server versions 7.1.x, 7.2.x, 7.3.x, 7.4.x, and 7.5.0, EMC NetWorker Virtual Edition (NVE) versions 9.0.x, 9.1.x, and 9.2.x, and EMC Integrated Data Protection Appliance version 2.0.
