CyberSec.Space Logo
CVEブラウザに戻る

CVE-2017-15548

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0960%
EPSS Percentile5.58th
Published2018年1月5日
Last Modified2024年11月21日

Vulnerability Description

An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote unauthenticated malicious user can potentially bypass application authentication and gain unauthorized root access to the affected systems.

Affected Platforms (CPE)

📦
Emc

Avamar Server

= 7.1-21
📦
Emc

Avamar Server

= 7.1-145
📦
Emc

Avamar Server

= 7.1-302
📦
Emc

Avamar Server

= 7.1-370
📦
Emc

Avamar Server

= 7.2-32
📦
Emc

Avamar Server

= 7.2-309
📦
Emc

Avamar Server

= 7.2-401
📦
Emc

Avamar Server

= 7.3-125
📦
Emc

Avamar Server

= 7.3-211
📦
Emc

Avamar Server

= 7.3-226
📦
Emc

Avamar Server

= 7.3-233
📦
Emc

Avamar Server

= 7.4-58
📦
Emc

Avamar Server

= 7.4-242
📦
Emc

Avamar Server

= 7.5-183
📦
Emc

Integrated Data Protection Appliance

= 2.0
📦
Emc

Networker

= 9.0
📦
Emc

Networker

= 9.1
📦
Emc

Networker

= 9.2

References & Advisories

🔗 http://seclists.org/fulldisclosure/2018/Jan/17
🔗 http://www.securityfocus.com/bid/102352
🔗 http://www.securitytracker.com/id/1040070
🔗 http://seclists.org/fulldisclosure/2018/Jan/17
🔗 http://www.securityfocus.com/bid/102352
🔗 http://www.securitytracker.com/id/1040070

関連する脆弱性情報

CVE-2020-2949510.0

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain an OS Command Injection Vulnerability in Fitness Analyzer. A remote una...

CVE-2020-2949310.0

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a SQL Injection Vulnerability in Fitness Analyzer. A remote unauthentic...

CVE-2017-49899.8

In EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401, an unauthenticated remote attacker m...

CVE-2017-49909.8

In EMC Avamar Server Software 7.4.1-58, 7.4.0-242, 7.3.1-125, 7.3.0-233, 7.3.0-226, an unauthorized attacker may leverage the file...