Lucene search
K

151 matches found

Tenable Nessus
Tenable Nessus
added 2017/05/23 12:0 a.m.41 views

F5 Networks BIG-IP : BIG-IP Azure cloud vulnerability (K61757346)

In some circumstances, a BIG-IP Azure cloud instance may contain a default administrative password which can be used to remotely log in to the BIG-IP system. The affected administrative account is the Azure instance administrative user created at deployment. The root and admin accounts are not...

9.8CVSS8.3AI score0.01141EPSS
Exploits0References4
CNVD
CNVD
added 2017/02/16 12:0 a.m.5 views

EMC Avamar Data Store and EMC Avamar Virtual Edition Local Elevation of Privilege Vulnerability

EMC Avamar Data Store ADS and EMC Avamar Virtual Edition AVE are both backup and recovery solutions from EMC Corporation. The solutions provide data backup, disaster recovery, and deduplication elimination. A security vulnerability exists in EMC ADS and AVE versions 7.3.0 and 7.3.1. An attacker...

6.7CVSS6.9AI score0.00387EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2017/02/02 12:0 a.m.33 views

EMC Avamar ADS / AVE 7.3.0.x < 7.3.0 Hotfix 268253 / 7.3.1.x < 7.3.1 Hotfix 272363 Incorrect File Ownership Local Privilege Escalation (ESA-2016-146)

According to its self-reported version number, the EMC Avamar Data Store ADS or Avamar Virtual Edition AVE software running on the remote host is a version prior to 7.3.0 Hotfix 268253 7.3.0.233 or prior to 7.3.1 Hotfix 272363 7.3.1.125. It is, therefore, affected by a local privilege escalation...

6.7CVSS7AI score0.00387EPSS
Exploits1References3
OSV
OSV
added 2017/01/25 11:59 a.m.2 views

CVE-2016-8214

EMC Avamar Data Store ADS and Avamar Virtual Edition AVE versions 7.3.0 and 7.3.1 contain a vulnerability that may allow malicious administrators to compromise Avamar servers...

6.7CVSS5.8AI score0.00387EPSS
Exploits1References3
CVE
CVE
added 2017/01/25 11:0 a.m.42 views

CVE-2016-8214

CVE-2016-8214 affects EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) versions 7.3.0 and 7.3.1. The root cause is incorrect file ownership that enables a local attacker with administrative access to bypass certain sudo restrictions and achieve root-level privilege escalation, potenti...

6.7CVSS6.4AI score0.00387EPSS
Exploits1References3Affected Software2
Tenable Nessus
Tenable Nessus
added 2016/12/16 12:0 a.m.87 views

EMC Avamar ADS / AVE < 7.3.0 Hotfix 263301 PostgreSQL Command Local Privilege Escalation (ESA-2016-111)

According to its self-reported version number, the EMC Avamar Data Store ADS or Avamar Virtual Edition AVE software running on the remote host is a version prior to 7.3.0 Hotfix 263301 7.3.0.233, or the configuration is not patched. It is, therefore, affected by a local privilege escalation...

8.4CVSS8.1AI score0.00377EPSS
Exploits0References3
Prion
Prion
added 2016/11/15 7:30 p.m.13 views

Design/Logic Flaw

EMC Avamar Data Store ADS and Avamar Virtual Edition AVE versions 7.3 and older contain a vulnerability that may expose the Avamar servers to potentially be compromised by malicious users...

7.2CVSS7AI score0.00377EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2016/11/15 7:30 p.m.3 views

CVE-2016-0909

EMC Avamar Data Store ADS and Avamar Virtual Edition AVE versions 7.3 and older contain a vulnerability that may expose the Avamar servers to potentially be compromised by malicious users...

8.4CVSS5.8AI score0.00377EPSS
Exploits0References3
Cvelist
Cvelist
added 2016/11/15 7:0 p.m.23 views

CVE-2016-0909

EMC Avamar Data Store ADS and Avamar Virtual Edition AVE versions 7.3 and older contain a vulnerability that may expose the Avamar servers to potentially be compromised by malicious users...

8.3AI score0.00377EPSS
Exploits0References3
CVE
CVE
added 2016/11/15 7:0 p.m.50 views

CVE-2016-0909

Affected products: EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) prior to 7.3.0 Hotfix 263301 (7.3.0.233). Issue: Local privilege escalation vulnerability allowing an attacker to execute arbitrary PostgreSQL commands on the remote host and gain elevated privileges. Root cause / vec...

8.4CVSS8.2AI score0.00377EPSS
Exploits0References3Affected Software2
CNVD
CNVD
added 2016/10/20 12:0 a.m.5 views

EMC Avamar Data Store and Avamar Virtual Edition Elevation of Privilege Vulnerability

EMC Avamar is a backup and recovery solution from EMC Corporation. The solution provides data backup, disaster recovery, deduplication, etc. Avamar Data Store ADS is one of the components used for data backup; Avamar Virtual Edition AVE is one of the components used to realize the replication...

8.4CVSS7.1AI score0.00377EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2016/09/28 12:0 a.m.53 views

F5 Networks BIG-IP : TMM SSL/TLS virtual server vulnerability (K39508724)

TMM SSL/TLS virtual server using CBC cipher may be vulnerable to a 'Vaudenay timing attack' aka 'Padding oracle attack.'CVE-2016-6907 The BIG-IP system may be vulnerable to a padding oracle attack on the following platforms : The VIPRION B4450 blade and BIG-IP 2000 and 4000 series platforms are...

5.4AI score
Exploits0References2
CNVD
CNVD
added 2016/09/22 12:0 a.m.4 views

EMC Avamar Data Store and Avamar Virtual Edition Backup Data Read Vulnerability

EMC Avamar is a backup and recovery solution. EMC Avamar Server's ADS and AVE rely on client-side authentication, allowing remote attackers to read backup information using a vulnerable modified client agent...

9.1CVSS6.7AI score0.03449EPSS
Exploits0References1
OSV
OSV
added 2016/09/21 2:59 a.m.3 views

CVE-2016-0920

Avamar Data Store ADS and Avamar Virtual Edition AVE in EMC Avamar Server before 7.3.0-233 allow local users to obtain root access via a crafted parameter to a command that is available in the sudo configuration...

7.8CVSS5.8AI score0.00414EPSS
Exploits0References2
NVD
NVD
added 2016/09/21 2:59 a.m.14 views

CVE-2016-0920

Avamar Data Store ADS and Avamar Virtual Edition AVE in EMC Avamar Server before 7.3.0-233 allow local users to obtain root access via a crafted parameter to a command that is available in the sudo configuration...

7.8CVSS7.4AI score0.00414EPSS
Exploits0References2
OSV
OSV
added 2016/09/21 2:59 a.m.7 views

CVE-2016-0905

Avamar Data Store ADS and Avamar Virtual Edition AVE in EMC Avamar Server before 7.3.0-233 allow local users to obtain root privileges by leveraging admin access and entering a sudo command...

6.7CVSS5.8AI score0.00434EPSS
Exploits0References3
NVD
NVD
added 2016/09/21 2:59 a.m.16 views

CVE-2016-0904

Avamar Data Store ADS and Avamar Virtual Edition AVE in EMC Avamar Server before 7.3.0-233 use the same encryption key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms and obtain sensitive client-server traffic information by...

8.6CVSS8.4AI score0.01431EPSS
Exploits0References3
OSV
OSV
added 2016/09/21 2:59 a.m.5 views

CVE-2016-0904

Avamar Data Store ADS and Avamar Virtual Edition AVE in EMC Avamar Server before 7.3.0-233 use the same encryption key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms and obtain sensitive client-server traffic information by...

8.6CVSS5.8AI score0.01431EPSS
Exploits0References3
OSV
OSV
added 2016/09/21 2:59 a.m.3 views

CVE-2016-0903

Avamar Data Store ADS and Avamar Virtual Edition AVE in EMC Avamar Server before 7.3.0-233 rely on client-side authentication, which allows remote attackers to spoof clients and read backup data via a modified client agent...

9.1CVSS5.8AI score0.03449EPSS
Exploits0References3
Prion
Prion
added 2016/09/21 2:59 a.m.12 views

Command injection

Avamar Data Store ADS and Avamar Virtual Edition AVE in EMC Avamar Server before 7.3.0-233 allow local users to obtain root privileges by leveraging admin access and entering a sudo command...

7.2CVSS6.7AI score0.00434EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder