PT-2021-11675 · Dell Emc · Dell Emc Avamar Server

Published: 2021-01-14 · Updated: 2021-01-21 · CVE-2020-29493

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: DELL EMC Avamar Server versions 19.1 through 19.3

Description: A SQL injection vulnerability exists in the Fitness Analyzer of DELL EMC Avamar Server, allowing a remote unauthenticated attacker to execute certain SQL commands on the application's backend database. This could lead to unauthorized read and write access to application data, potentially causing leakage or deletion of sensitive backup data.

Recommendations: For versions 19.1 through 19.3, upgrade to a newer version at the earliest opportunity to resolve the issue. As a temporary workaround, consider restricting access to the Fitness Analyzer module to minimize the risk of exploitation.

Fix

SQL injection


Weakness Enumeration

Related Identifiers

CVE-2020-29493

Affected Products

Dell Emc Avamar Server