EMC Avamar Server 7.3.0-233

CPE Details

EMC Avamar Server 7.3.0-233
emc
avamar_server
7.3.0-233
2017-07-04
11h30 +00:00
2021-05-21
12h36 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:emc:avamar_server:7.3.0-233:*:*:*:*:*:*:*

Informations

Vendor

emc

Product

avamar_server

Version

7.3.0-233

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2017-4989 2017-06-21 18h00 +00:00 In EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401, an unauthenticated remote attacker may potentially bypass the authentication process to gain access to the system maintenance page. This may be exploited by an attacker to view sensitive information, perform software updates, or run maintenance workflows.
9.8
Critical
CVE-2017-4990 2017-06-21 18h00 +00:00 In EMC Avamar Server Software 7.4.1-58, 7.4.0-242, 7.3.1-125, 7.3.0-233, 7.3.0-226, an unauthorized attacker may leverage the file upload feature of the system maintenance page to load a maliciously crafted file to any directory which could allow the attacker to execute arbitrary code on the Avamar Server system.
9.8
Critical
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.