exploitDog

GHSA-2gm9-vfwg-p8x2

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote unauthenticated malicious user can potentially bypass application authentication and gain unauthorized root access to the affected systems.

An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote unauthenticated malicious user can potentially bypass application authentication and gain unauthorized root access to the affected systems.

Ссылки

EPSS

Процентиль: 45%

0.00228

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-287

Связанные уязвимости

CVE-2017-15548

CVSS3: 9.8

nvd

около 8 лет назад

An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote unauthenticated malicious user can potentially bypass application authentication and gain unauthorized root access to the affected systems.

BDU:2018-00329

CVSS3: 9.8

fstec

около 8 лет назад

Уязвимость системы резервного копирования EMC Avamar, системы копирования и восстановления EMC NetWorker и системы комплексной защиты данных EMC Integrated Data Protection Appliance, связанная с недостатками процедуры аутентификации, позволяющая нарушителю обойти процедуру аутентификации

EPSS

Процентиль: 45%

0.00228

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-287