EMC Avamar Server 7.2.1-32

CPE Details

EMC Avamar Server 7.2.1-32
7.2.1-32
2019-10-17
16h46 +00:00
2019-10-17
16h46 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:emc:avamar_server:7.2.1-32:*:*:*:*:*:*:*

Informations

Vendor

emc

Product

avamar_server

Version

7.2.1-32

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2017-4989 2017-06-21 18h00 +00:00 In EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401, an unauthenticated remote attacker may potentially bypass the authentication process to gain access to the system maintenance page. This may be exploited by an attacker to view sensitive information, perform software updates, or run maintenance workflows.
9.8
Critique
CVE-2016-0903 2016-09-20 23h00 +00:00 Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 rely on client-side authentication, which allows remote attackers to spoof clients and read backup data via a modified client agent.
9.1
Critique
CVE-2016-0904 2016-09-20 23h00 +00:00 Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 use the same encryption key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms and obtain sensitive client-server traffic information by leveraging knowledge of this key from another installation.
8.6
Haute
CVE-2016-0905 2016-09-20 23h00 +00:00 Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 allow local users to obtain root privileges by leveraging admin access and entering a sudo command.
6.7
Moyen
CVE-2016-0920 2016-09-20 23h00 +00:00 Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 allow local users to obtain root access via a crafted parameter to a command that is available in the sudo configuration.
7.8
Haute
CVE-2016-0921 2016-09-20 23h00 +00:00 Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 use weak permissions for unspecified directories, which allows local users to obtain root access by replacing a script with a Trojan horse program.
6.5
Moyen