CVE-2017-4989
N/A
N/A
Summary
In EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401, an unauthenticated remote attacker may potentially bypass the authentication process to gain access to the system maintenance page. This may be exploited by an attacker to view sensitive information, perform software updates, or run maintenance workflows.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401 | EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401 | affected |
Weaknesses
- Server Authentication Bypass Vulnerability
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/archive/1/540754/30/0/threaded
- http://www.securityfocus.com/bid/99243
- http://www.securitytracker.com/id/1038718
References
- http://www.securityfocus.com/archive/1/540754/30/0/threaded
- http://www.securityfocus.com/bid/99243
- http://www.securitytracker.com/id/1038718
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.