151 matches found
F5 Networks BIG-IP : BIG-IP Azure cloud vulnerability (K61757346)
In some circumstances, a BIG-IP Azure cloud instance may contain a default administrative password which can be used to remotely log in to the BIG-IP system. The affected administrative account is the Azure instance administrative user created at deployment. The root and admin accounts are not...
EMC Avamar Data Store and EMC Avamar Virtual Edition Local Elevation of Privilege Vulnerability
EMC Avamar Data Store ADS and EMC Avamar Virtual Edition AVE are both backup and recovery solutions from EMC Corporation. The solutions provide data backup, disaster recovery, and deduplication elimination. A security vulnerability exists in EMC ADS and AVE versions 7.3.0 and 7.3.1. An attacker...
EMC Avamar ADS / AVE 7.3.0.x < 7.3.0 Hotfix 268253 / 7.3.1.x < 7.3.1 Hotfix 272363 Incorrect File Ownership Local Privilege Escalation (ESA-2016-146)
According to its self-reported version number, the EMC Avamar Data Store ADS or Avamar Virtual Edition AVE software running on the remote host is a version prior to 7.3.0 Hotfix 268253 7.3.0.233 or prior to 7.3.1 Hotfix 272363 7.3.1.125. It is, therefore, affected by a local privilege escalation...
CVE-2016-8214
EMC Avamar Data Store ADS and Avamar Virtual Edition AVE versions 7.3.0 and 7.3.1 contain a vulnerability that may allow malicious administrators to compromise Avamar servers...
CVE-2016-8214
CVE-2016-8214 affects EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) versions 7.3.0 and 7.3.1. The root cause is incorrect file ownership that enables a local attacker with administrative access to bypass certain sudo restrictions and achieve root-level privilege escalation, potenti...
EMC Avamar ADS / AVE < 7.3.0 Hotfix 263301 PostgreSQL Command Local Privilege Escalation (ESA-2016-111)
According to its self-reported version number, the EMC Avamar Data Store ADS or Avamar Virtual Edition AVE software running on the remote host is a version prior to 7.3.0 Hotfix 263301 7.3.0.233, or the configuration is not patched. It is, therefore, affected by a local privilege escalation...
Design/Logic Flaw
EMC Avamar Data Store ADS and Avamar Virtual Edition AVE versions 7.3 and older contain a vulnerability that may expose the Avamar servers to potentially be compromised by malicious users...
CVE-2016-0909
EMC Avamar Data Store ADS and Avamar Virtual Edition AVE versions 7.3 and older contain a vulnerability that may expose the Avamar servers to potentially be compromised by malicious users...
CVE-2016-0909
EMC Avamar Data Store ADS and Avamar Virtual Edition AVE versions 7.3 and older contain a vulnerability that may expose the Avamar servers to potentially be compromised by malicious users...
CVE-2016-0909
Affected products: EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) prior to 7.3.0 Hotfix 263301 (7.3.0.233). Issue: Local privilege escalation vulnerability allowing an attacker to execute arbitrary PostgreSQL commands on the remote host and gain elevated privileges. Root cause / vec...
EMC Avamar Data Store and Avamar Virtual Edition Elevation of Privilege Vulnerability
EMC Avamar is a backup and recovery solution from EMC Corporation. The solution provides data backup, disaster recovery, deduplication, etc. Avamar Data Store ADS is one of the components used for data backup; Avamar Virtual Edition AVE is one of the components used to realize the replication...
F5 Networks BIG-IP : TMM SSL/TLS virtual server vulnerability (K39508724)
TMM SSL/TLS virtual server using CBC cipher may be vulnerable to a 'Vaudenay timing attack' aka 'Padding oracle attack.'CVE-2016-6907 The BIG-IP system may be vulnerable to a padding oracle attack on the following platforms : The VIPRION B4450 blade and BIG-IP 2000 and 4000 series platforms are...
EMC Avamar Data Store and Avamar Virtual Edition Backup Data Read Vulnerability
EMC Avamar is a backup and recovery solution. EMC Avamar Server's ADS and AVE rely on client-side authentication, allowing remote attackers to read backup information using a vulnerable modified client agent...
CVE-2016-0920
Avamar Data Store ADS and Avamar Virtual Edition AVE in EMC Avamar Server before 7.3.0-233 allow local users to obtain root access via a crafted parameter to a command that is available in the sudo configuration...
CVE-2016-0920
Avamar Data Store ADS and Avamar Virtual Edition AVE in EMC Avamar Server before 7.3.0-233 allow local users to obtain root access via a crafted parameter to a command that is available in the sudo configuration...
CVE-2016-0905
Avamar Data Store ADS and Avamar Virtual Edition AVE in EMC Avamar Server before 7.3.0-233 allow local users to obtain root privileges by leveraging admin access and entering a sudo command...
CVE-2016-0904
Avamar Data Store ADS and Avamar Virtual Edition AVE in EMC Avamar Server before 7.3.0-233 use the same encryption key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms and obtain sensitive client-server traffic information by...
CVE-2016-0904
Avamar Data Store ADS and Avamar Virtual Edition AVE in EMC Avamar Server before 7.3.0-233 use the same encryption key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms and obtain sensitive client-server traffic information by...
CVE-2016-0903
Avamar Data Store ADS and Avamar Virtual Edition AVE in EMC Avamar Server before 7.3.0-233 rely on client-side authentication, which allows remote attackers to spoof clients and read backup data via a modified client agent...
Command injection
Avamar Data Store ADS and Avamar Virtual Edition AVE in EMC Avamar Server before 7.3.0-233 allow local users to obtain root privileges by leveraging admin access and entering a sudo command...