CVE-2018-11066

Опубликовано: 26 нояб. 2018

Источник: nvd

CVSS3: 9.8

CVSS2: 10

EPSS Средний

Описание

Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 contain a Remote Code Execution vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to execute arbitrary commands on the server.

Ссылки

http://www.securityfocus.com/bid/105968
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1042153
Third Party Advisory
VDB Entry
https://seclists.org/fulldisclosure/2018/Nov/49
Mailing List
Third Party Advisory
https://www.vmware.com/security/advisories/VMSA-2018-0029.html
Patch
Third Party Advisory
http://www.securityfocus.com/bid/105968
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1042153
Third Party Advisory
VDB Entry
https://seclists.org/fulldisclosure/2018/Nov/49
Mailing List
Third Party Advisory
https://www.vmware.com/security/advisories/VMSA-2018-0029.html
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:dell:emc_avamar:7.2.0:*:*:*:*:*:*:*

cpe:2.3:a:dell:emc_avamar:7.2.1:*:*:*:*:*:*:*

cpe:2.3:a:dell:emc_avamar:7.3.0:*:*:*:*:*:*:*

cpe:2.3:a:dell:emc_avamar:7.3.1:*:*:*:*:*:*:*

cpe:2.3:a:dell:emc_avamar:7.4.0:*:*:*:*:*:*:*

cpe:2.3:a:dell:emc_avamar:7.4.1:*:*:*:*:*:*:*

cpe:2.3:a:dell:emc_avamar:7.5.0:*:*:*:*:*:*:*

cpe:2.3:a:dell:emc_avamar:7.5.1:*:*:*:*:*:*:*

cpe:2.3:a:dell:emc_avamar:18.1:*:*:*:*:*:*:*

cpe:2.3:a:dell:emc_integrated_data_protection_appliance:2.0:*:*:*:*:*:*:*

cpe:2.3:a:dell:emc_integrated_data_protection_appliance:2.1:*:*:*:*:*:*:*

cpe:2.3:a:dell:emc_integrated_data_protection_appliance:2.2:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:a:vmware:vsphere_data_protection:6.0.0:*:*:*:*:*:*:*

cpe:2.3:a:vmware:vsphere_data_protection:6.0.1:*:*:*:*:*:*:*

cpe:2.3:a:vmware:vsphere_data_protection:6.0.2:*:*:*:*:*:*:*

cpe:2.3:a:vmware:vsphere_data_protection:6.0.3:*:*:*:*:*:*:*

cpe:2.3:a:vmware:vsphere_data_protection:6.0.4:*:*:*:*:*:*:*

cpe:2.3:a:vmware:vsphere_data_protection:6.0.5:*:*:*:*:*:*:*

cpe:2.3:a:vmware:vsphere_data_protection:6.0.6:*:*:*:*:*:*:*

cpe:2.3:a:vmware:vsphere_data_protection:6.0.7:*:*:*:*:*:*:*

cpe:2.3:a:vmware:vsphere_data_protection:6.0.8:*:*:*:*:*:*:*

cpe:2.3:a:vmware:vsphere_data_protection:6.1.0:*:*:*:*:*:*:*

cpe:2.3:a:vmware:vsphere_data_protection:6.1.1:*:*:*:*:*:*:*

cpe:2.3:a:vmware:vsphere_data_protection:6.1.2:*:*:*:*:*:*:*

cpe:2.3:a:vmware:vsphere_data_protection:6.1.3:*:*:*:*:*:*:*

cpe:2.3:a:vmware:vsphere_data_protection:6.1.4:*:*:*:*:*:*:*

cpe:2.3:a:vmware:vsphere_data_protection:6.1.5:*:*:*:*:*:*:*

cpe:2.3:a:vmware:vsphere_data_protection:6.1.6:*:*:*:*:*:*:*

cpe:2.3:a:vmware:vsphere_data_protection:6.1.7:*:*:*:*:*:*:*

cpe:2.3:a:vmware:vsphere_data_protection:6.1.8:*:*:*:*:*:*:*

cpe:2.3:a:vmware:vsphere_data_protection:6.1.9:*:*:*:*:*:*:*

EPSS

Процентиль: 97%

0.40954

Средний

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-m593-g9cm-c9fm