CVE-2016-0906
First published: Wed Jul 06 2016(Updated: )
The web-restore interface in Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar through 7.1.2 and 7.2.x through 7.2.1 allows remote authenticated users to read or delete directories via a Linux backup-restore operation.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| EMC Avamar Virtual Edition | <=7.2.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2016-0906?
CVE-2016-0906 has a medium severity rating due to the potential for remote authenticated users to manipulate critical data.
How do I fix CVE-2016-0906?
To fix CVE-2016-0906, update your EMC Avamar software to version 7.2.2 or later.
Who is affected by CVE-2016-0906?
Organizations using EMC Avamar versions up to 7.2.1 are affected by CVE-2016-0906.
What is the impact of CVE-2016-0906?
The impact of CVE-2016-0906 includes unauthorized access to read or delete directories in the Avamar system.
Can CVE-2016-0906 be exploited remotely?
Yes, CVE-2016-0906 can be exploited by remote authenticated users, posing a security risk.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/emc
- canonical/emc avamar virtual edition
- version/emc avamar virtual edition/7.2.1