CVE-2017-4989
First published: Wed Jun 21 2017(Updated: )
In EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401, an unauthenticated remote attacker may potentially bypass the authentication process to gain access to the system maintenance page. This may be exploited by an attacker to view sensitive information, perform software updates, or run maintenance workflows.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| EMC Avamar Server | =7.2.0-401 | |
| EMC Avamar Server | =7.2.1-31 | |
| EMC Avamar Server | =7.2.1-32 | |
| EMC Avamar Server | =7.3.0-226 | |
| EMC Avamar Server | =7.3.0-233 | |
| EMC Avamar Server | =7.3.1-125 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/tags
- agent/description
- agent/event
- agent/first-publish-date
- vendor/emc
- canonical/emc avamar server
- version/emc avamar server/7.2.0-401
- version/emc avamar server/7.2.1-31
- version/emc avamar server/7.2.1-32
- version/emc avamar server/7.3.0-226
- version/emc avamar server/7.3.0-233
- version/emc avamar server/7.3.1-125