CVE-2020-29494: Path Traversal
First published: Thu Jan 14 2021(Updated: )
Dell EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a Path Traversal Vulnerability in PDM. A remote user could potentially exploit this vulnerability, to gain unauthorized write access to the arbitrary files stored on the server filesystem, causing deletion of arbitrary files.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dell EMC Avamar Server | =19.1 | |
| Dell EMC Avamar Server | =19.2 | |
| Dell EMC Avamar Server | =19.3 | |
| Dell EMC Integrated Data Protection Appliance | =2.5 | |
| Dell EMC Integrated Data Protection Appliance | =2.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-29494?
CVE-2020-29494 is a Path Traversal Vulnerability in Dell EMC Avamar Server versions 19.1, 19.2, and 19.3.
How can a remote user exploit CVE-2020-29494?
A remote user could potentially exploit CVE-2020-29494 to gain unauthorized write access to arbitrary files stored on the server filesystem and cause deletion of arbitrary files.
Which software versions are affected by CVE-2020-29494?
Dell EMC Avamar Server versions 19.1, 19.2, and 19.3 are affected by CVE-2020-29494.
What is the severity of CVE-2020-29494?
CVE-2020-29494 has a severity rating of 8.7 (High).
How can I fix CVE-2020-29494?
To fix CVE-2020-29494, Dell EMC Avamar Server users should apply the appropriate security update provided by Dell.
- collector/nvd-index
- vendor/dell
- canonical/dell emc avamar server
- version/dell emc avamar server/19.1
- version/dell emc avamar server/19.2
- version/dell emc avamar server/19.3
- canonical/dell emc integrated data protection appliance
- version/dell emc integrated data protection appliance/2.5
- version/dell emc integrated data protection appliance/2.6