Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

emc avamar server 7.3.0-233 vulnerabilities and exploits

(subscribe to this query)
7.5
CVSSv2
CVE-2017-4990
In EMC Avamar Server Software 7.4.1-58, 7.4.0-242, 7.3.1-125, 7.3.0-233, 7.3.0-226, an unauthorized attacker may leverage the file upload feature of the system maintenance page to load a maliciously crafted file to any directory which could allow the malicious user to execute arb...
Emc Avamar Server 7.3.0-233Emc Avamar Server 7.3.1-125Emc Avamar Server 7.4.0-242Emc Avamar Server 7.3.0-226Emc Avamar Server 7.4.1-58
7.5
CVSSv2
CVE-2017-4989
In EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401, an unauthenticated remote attacker may potentially bypass the authentication process to gain access to the system maintenance page. This may be exploited by an malicious user to view sen...
Emc Avamar Server 7.2.1-32Emc Avamar Server 7.2.1-31Emc Avamar Server 7.3.0-233Emc Avamar Server 7.3.1-125Emc Avamar Server 7.2.0-401Emc Avamar Server 7.3.0-226
7.2
CVSSv2
CVE-2016-0905
Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server prior to 7.3.0-233 allow local users to obtain root privileges by leveraging admin access and entering a sudo command.
Emc Avamar Server
6.4
CVSSv2
CVE-2016-0903
Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server prior to 7.3.0-233 rely on client-side authentication, which allows remote malicious users to spoof clients and read backup data via a modified client agent.
Emc Avamar Server
7.2
CVSSv2
CVE-2016-0920
Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server prior to 7.3.0-233 allow local users to obtain root access via a crafted parameter to a command that is available in the sudo configuration.
Emc Avamar Server
6.9
CVSSv2
CVE-2016-0921
Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server prior to 7.3.0-233 use weak permissions for unspecified directories, which allows local users to obtain root access by replacing a script with a Trojan horse program.
Emc Avamar Server
5
CVSSv2
CVE-2016-0904
Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server prior to 7.3.0-233 use the same encryption key across different customers' installations, which allows remote malicious users to defeat cryptographic protection mechanisms and obtain sensitive clie...
Emc Avamar Server
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322cross-site request forgeryunauthorizedCVE-2024-33925reflected XSSCVE-2023-51580CVE-2023-51579CVE-2015-2051CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook