PT-2015-6607 · Emc · Emc Avamar Virtual Addition+2

Published

2015-07-23

Updated

2015-08-21

CVE-2015-4527

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions EMC Avamar Server versions 7.0 through 7.1.2 EMC Avamar Virtual Addition (AVE) versions 7.0 through 7.1.2

Description A directory traversal issue allows remote attackers to read arbitrary files by sending crafted parameters through the Avamar Desktop/Laptop client interface.

Recommendations For EMC Avamar Server versions 7.0 through 7.1.2, update to version 7.1.2 or later. For EMC Avamar Virtual Addition (AVE) versions 7.0 through 7.1.2, update to version 7.1.2 or later.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2015-4527

Affected Products

Avamar Desktop/Laptop Client

Emc Avamar Server

Emc Avamar Virtual Addition

PT-2015-6607 · Emc · Emc Avamar Virtual Addition+2

CVE-2015-4527

Weakness Enumeration

Related Identifiers

Affected Products

References · 3