Lucene search

PRIOn knowledge basePRION:CVE-2013-3274

HistoryJul 19, 2013 - 2:36 p.m.

Authorization

2013-07-1914:36:00

PRIOn knowledge base

www.prio-n.com

7.9 High

AI Score

Confidence

Low

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

51.9%

JSON

EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platforms do not properly determine authorization for calls to Java RMI methods, which allows remote authenticated users to execute arbitrary code via unspecified vectors.

CPENameOperatorVersion
avamar_servereq5.0
avamar_serverle6.1
avamar_servereq6.0
avamar_servereq4.0
avamar_servereq4.1
avamar_server_virtual_editioneq6.0
avamar_server_virtual_editioneq5.0
avamar_server_virtual_editioneq4.0
avamar_server_virtual_editionle6.1
avamar_server_virtual_editioneq4.1

Name	Operator	Version
avamar_server	eq	5.0
avamar_server	le	6.1
avamar_server	eq	6.0
avamar_server	eq	4.0
avamar_server	eq	4.1
avamar_server_virtual_edition	eq	6.0
avamar_server_virtual_edition	eq	5.0
avamar_server_virtual_edition	eq	4.0
avamar_server_virtual_edition	le	6.1
avamar_server_virtual_edition	eq	4.1

References

archives.neohapsis.com/archives/bugtraq/2013-07/0114.html

7.9 High

AI Score

Confidence

Low

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

51.9%

JSON

Related for PRION:CVE-2013-3274