Lucene search
K

9 matches found

Zero Day Initiative
Zero Day Initiative
added 2024/12/16 12:0 a.m.8 views

Dell Avamar Fitness Analyzer API SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Dell Avamar. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of the proxies parameter provided to the timeline endpoint. The issue...

7.1CVSS8.6AI score0.00626EPSS
Exploits0References1
OSV
OSV
added 2021/01/14 9:15 p.m.2 views

CVE-2020-29493

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a SQL Injection Vulnerability in Fitness Analyzer. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database, causing unauthorize...

9.8CVSS6AI score0.02611EPSS
Exploits0References1
OSV
OSV
added 2021/01/14 9:15 p.m.2 views

CVE-2020-29495

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain an OS Command Injection Vulnerability in Fitness Analyzer. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS with high...

10CVSS7.5AI score0.06158EPSS
Exploits0References1
NVD
NVD
added 2021/01/14 9:15 p.m.15 views

CVE-2020-29495

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain an OS Command Injection Vulnerability in Fitness Analyzer. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS with high...

10CVSS9.9AI score0.06158EPSS
Exploits0References1
Prion
Prion
added 2021/01/14 9:15 p.m.12 views

Command injection

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain an OS Command Injection Vulnerability in Fitness Analyzer. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS with high...

10CVSS9.7AI score0.06158EPSS
Exploits0References1Affected Software2
Prion
Prion
added 2021/01/14 9:15 p.m.13 views

Sql injection

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a SQL Injection Vulnerability in Fitness Analyzer. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database, causing unauthorize...

7.5CVSS9.6AI score0.02611EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2021/01/14 9:10 p.m.14 views

CVE-2020-29495

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain an OS Command Injection Vulnerability in Fitness Analyzer. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS with high...

10CVSS9.8AI score0.06158EPSS
Exploits0References1
CVE
CVE
added 2021/01/14 9:10 p.m.56 views

CVE-2020-29495

Dell EMC Avamar Server (versions 19.1–19.3) contains an OS Command Injection vulnerability in Fitness Analyzer. Exploitation requires remote access with no authentication and can lead to arbitrary OS commands execution on the underlying OS with high privileges, effectively risking full compromise...

10CVSS9.7AI score0.06158EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2021/01/14 9:10 p.m.14 views

CVE-2020-29493

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a SQL Injection Vulnerability in Fitness Analyzer. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database, causing unauthorize...

10CVSS9.8AI score0.02611EPSS
Exploits0References1
Rows per page
Query Builder