exploitDog

GHSA-j254-mg4h-rvf4

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

Описание

EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) 6.x and 7.0.x through 7.0.2-43 do not require authentication for Java API calls, which allows remote attackers to discover grid MCUser and GSAN passwords via a crafted call.

EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) 6.x and 7.0.x through 7.0.2-43 do not require authentication for Java API calls, which allows remote attackers to discover grid MCUser and GSAN passwords via a crafted call.

Ссылки

EPSS

Процентиль: 75%

0.00896

Низкий

CVE ID

Связанные уязвимости

CVE-2014-4624

nvd

больше 11 лет назад

EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) 6.x and 7.0.x through 7.0.2-43 do not require authentication for Java API calls, which allows remote attackers to discover grid MCUser and GSAN passwords via a crafted call.

EPSS

Процентиль: 75%

0.00896

Низкий

CVE ID