Описание
Dell EMC Avamar ADMe Web Interface 1.0.50 and 1.0.51 are affected by an LFI vulnerability which may allow a malicious user to download arbitrary files from the affected system by sending a specially crafted request to the Web Interface application.
Ссылки
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:dell:avamar_data_migration_enabler_web_interface:1.0.50:*:*:*:*:*:*:*
cpe:2.3:a:dell:avamar_data_migration_enabler_web_interface:1.0.51:*:*:*:*:*:*:*
EPSS
Процентиль: 61%
0.00419
Низкий
8.6 High
CVSS3
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-22
CWE-22
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
Dell EMC Avamar ADMe Web Interface 1.0.50 and 1.0.51 are affected by an LFI vulnerability which may allow a malicious user to download arbitrary files from the affected system by sending a specially crafted request to the Web Interface application.
EPSS
Процентиль: 61%
0.00419
Низкий
8.6 High
CVSS3
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-22
CWE-22