CVE-2019-3737
8.6
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Summary
Dell EMC Avamar ADMe Web Interface 1.0.50 and 1.0.51 are affected by an LFI vulnerability which may allow a malicious user to download arbitrary files from the affected system by sending a specially crafted request to the Web Interface application.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Dell EMC | Avamar | ADMe Web UI 1.0.50 | affected |
| Dell EMC | Avamar | ADMe Web UI 1.0.51 | affected |
Weaknesses
- CWE-22: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.