CyberSec.Space Logo
Back to CVE Browser

CVE-2017-4989

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0290%
EPSS Percentile34.15th
PublishedJun 21, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

In EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401, an unauthenticated remote attacker may potentially bypass the authentication process to gain access to the system maintenance page. This may be exploited by an attacker to view sensitive information, perform software updates, or run maintenance workflows.

Affected Platforms (CPE)

πŸ“¦
Emc

Avamar Server

= 7.2.0-401
πŸ“¦
Emc

Avamar Server

= 7.2.1-31
πŸ“¦
Emc

Avamar Server

= 7.2.1-32
πŸ“¦
Emc

Avamar Server

= 7.3.0-226
πŸ“¦
Emc

Avamar Server

= 7.3.0-233
πŸ“¦
Emc

Avamar Server

= 7.3.1-125

References & Advisories

πŸ”— http://www.securityfocus.com/archive/1/540754/30/0/threaded
πŸ”— http://www.securityfocus.com/bid/99243
πŸ”— http://www.securitytracker.com/id/1038718
πŸ”— http://www.securityfocus.com/archive/1/540754/30/0/threaded
πŸ”— http://www.securityfocus.com/bid/99243
πŸ”— http://www.securitytracker.com/id/1038718

Related Vulnerabilities

CVE-2020-2949510.0

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain an OS Command Injection Vulnerability in Fitness Analyzer. A remote una...

CVE-2020-2949310.0

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a SQL Injection Vulnerability in Fitness Analyzer. A remote unauthentic...

CVE-2020-53419.8

Deserialization of Untrusted Data Vulnerability Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2, 19.1 and 19.2 and Dell ...

CVE-2017-49909.8

In EMC Avamar Server Software 7.4.1-58, 7.4.0-242, 7.3.1-125, 7.3.0-233, 7.3.0-226, an unauthorized attacker may leverage the file...