PT-2018-5916 · Emc · Emc Avamar Server+2
Publicado
2018-01-05
·
Atualizado
2018-01-18
·
CVE-2017-15550
CVSS v2.0
9.0
Alta
| Vetor | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
EMC Avamar Server versions 7.1.x through 7.5.0
EMC NetWorker Virtual Edition (NVE) versions 9.0.x through 9.2.x
EMC Integrated Data Protection Appliance version 2.0
Description:
A remote authenticated malicious user with low privileges could access arbitrary files on the server file system in the context of the running vulnerable application via Path traversal.
Recommendations:
For EMC Avamar Server versions 7.1.x through 7.5.0, update to a version that includes the fix for this issue.
For EMC NetWorker Virtual Edition (NVE) versions 9.0.x through 9.2.x, update to a version that includes the fix for this issue.
For EMC Integrated Data Protection Appliance version 2.0, update to a version that includes the fix for this issue.
Correção
Path traversal
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Emc Avamar Server
Emc Integrated Data Protection Appliance
Emc Networker Virtual Edition