CVE-2019-3737

Summary

Dell EMC Avamar ADMe Web Interface 1.0.50 and 1.0.51 are affected by an LFI vulnerability which may allow a malicious user to download arbitrary files from the affected system by sending a specially crafted request to the Web Interface application.

Affected Software

VendorProductVersion RangeStatus
Dell EMCAvamarADMe Web UI 1.0.50affected
Dell EMCAvamarADMe Web UI 1.0.51affected

Weaknesses

  • CWE-22: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

ADP Enrichment

CVE Program Container

Additional References

References