CyberSec.Space Logo
CVEブラウザに戻る

CVE-2017-4989

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0290%
EPSS Percentile34.15th
Published2017年6月21日
Last Modified2026年5月13日

Vulnerability Description

In EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401, an unauthenticated remote attacker may potentially bypass the authentication process to gain access to the system maintenance page. This may be exploited by an attacker to view sensitive information, perform software updates, or run maintenance workflows.

Affected Platforms (CPE)

📦
Emc

Avamar Server

= 7.2.0-401
📦
Emc

Avamar Server

= 7.2.1-31
📦
Emc

Avamar Server

= 7.2.1-32
📦
Emc

Avamar Server

= 7.3.0-226
📦
Emc

Avamar Server

= 7.3.0-233
📦
Emc

Avamar Server

= 7.3.1-125

References & Advisories

🔗 http://www.securityfocus.com/archive/1/540754/30/0/threaded
🔗 http://www.securityfocus.com/bid/99243
🔗 http://www.securitytracker.com/id/1038718
🔗 http://www.securityfocus.com/archive/1/540754/30/0/threaded
🔗 http://www.securityfocus.com/bid/99243
🔗 http://www.securitytracker.com/id/1038718

関連する脆弱性情報

CVE-2020-2949510.0

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain an OS Command Injection Vulnerability in Fitness Analyzer. A remote una...

CVE-2020-2949310.0

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a SQL Injection Vulnerability in Fitness Analyzer. A remote unauthentic...

CVE-2020-53419.8

Deserialization of Untrusted Data Vulnerability Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2, 19.1 and 19.2 and Dell ...

CVE-2017-49909.8

In EMC Avamar Server Software 7.4.1-58, 7.4.0-242, 7.3.1-125, 7.3.0-233, 7.3.0-226, an unauthorized attacker may leverage the file...