PT-2018-5916 · Emc · Emc Avamar Server+2
Published
2018-01-05
·
Updated
2018-01-18
·
CVE-2017-15550
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
EMC Avamar Server versions 7.1.x through 7.5.0
EMC NetWorker Virtual Edition (NVE) versions 9.0.x through 9.2.x
EMC Integrated Data Protection Appliance version 2.0
Description:
A remote authenticated malicious user with low privileges could access arbitrary files on the server file system in the context of the running vulnerable application via Path traversal.
Recommendations:
For EMC Avamar Server versions 7.1.x through 7.5.0, update to a version that includes the fix for this issue.
For EMC NetWorker Virtual Edition (NVE) versions 9.0.x through 9.2.x, update to a version that includes the fix for this issue.
For EMC Integrated Data Protection Appliance version 2.0, update to a version that includes the fix for this issue.
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Emc Avamar Server
Emc Integrated Data Protection Appliance
Emc Networker Virtual Edition