PT-2019-16702 · Dell EMC · Dell EMC Integrated Data Protection Appliance

Published: 2019-10-09 · Updated: 2019-10-17 · CVE-2019-3765

CVSS v3.1: 8.1 (High)

Vector: AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions

Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2, 19.1
Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1, 2.2, 2.3, 2.4

Description

A remote authenticated malicious user could potentially exploit this issue to view or modify sensitive backup data. This could lead to corrupt backups or potentially trick a user into restoring a backup with malicious files.

Recommendations

For Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2, 19.1, update to a version that fixes the Incorrect Permission Assignment for Critical Resource issue.

For Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1, 2.2, 2.3, 2.4, update to a version that fixes the Incorrect Permission Assignment for Critical Resource issue.

As a temporary workaround, consider restricting access to sensitive backup data to minimize the risk of exploitation.

Fix

Incorrect Permission

Weakness Enumeration

Related Identifiers

CVE-2019-3765

Affected Products

Dell EMC Avamar Server
Dell EMC Integrated Data Protection Appliance