Lucene search
DellCVELIST:CVE-2018-11077HistoryNov 20, 2018 - 12:00 a.m.
CVE-2018-11077 Dell EMC Avamar and Integrated Data Protection Appliance Command Injection Vulnerability
2018-11-2000:00:00
dell
www.cve.org
‘getlogs’ utility in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1 and 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 is affected by an OS command injection vulnerability. A malicious Avamar admin user may potentially be able to execute arbitrary commands under root privilege.
CNA Affected
[
{
"product": "Avamar",
"vendor": "Dell EMC",
"versions": [
{
"status": "affected",
"version": "7.2.0"
},
{
"status": "affected",
"version": "7.2.1"
},
{
"status": "affected",
"version": "7.3.0"
},
{
"status": "affected",
"version": "7.3.1"
},
{
"status": "affected",
"version": "7.4.0"
},
{
"status": "affected",
"version": "7.4.1"
},
{
"status": "affected",
"version": "7.5.0"
},
{
"status": "affected",
"version": "7.5.1"
},
{
"status": "affected",
"version": "18.1"
}
]
},
{
"product": "Integrated Data Protection Appliance ",
"vendor": "Dell EMC",
"versions": [
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.2"
}
]
}
]Related
cve
cve
CVE-2018-11077
2018-11-26 20:29:00
prion
prion
Command injection
2018-11-26 20:29:00
nvd
nvd
CVE-2018-11077
2018-11-26 20:29:00
vmware
vmware
vSphere Data Protection (VDP) updates address multiple security issues.
2018-11-20 00:00:00
nessus
nessus