PT-2018-1031 · Emc · Emc Avamar Server+2

Michael Cramer · Published 2018-01-03 · Updated 2018-01-18 · CVE-2017-15548

CVSS v3.1: 10 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

EMC Avamar Server versions 7.1.x through 7.5.0
EMC NetWorker Virtual Edition (NVE) versions 9.0.x through 9.2.x
EMC Integrated Data Protection Appliance version 2.0

Description

The issue is related to weaknesses in the authentication procedure of the affected systems. A remote unauthenticated malicious user can potentially bypass application authentication and gain unauthorized root access to the systems.

Recommendations

For EMC Avamar Server versions 7.1.x through 7.5.0, EMC NetWorker Virtual Edition (NVE) versions 9.0.x through 9.2.x, and EMC Integrated Data Protection Appliance version 2.0, update to a version that addresses the authentication bypass issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Improper Authentication

Related Identifiers

BDU:2018-00329
CVE-2017-15548

Affected Products

Emc Avamar Server
Emc Integrated Data Protection Appliance
Emc Networker Virtual Edition