16 matches found
CVE-2021-21601
CVE-2021-21601 concerns Dell EMC Data Protection Search (19.4 and earlier) and IDPA (2.6.1 and earlier). The vulnerability is described as an information exposure in a log file vulnerability within the CIS, enabling a local, low-privileged attacker to disclose certain user credentials and use the...
CVE-2019-3752
Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data Protection Appliance IDPA versions 2.0, 2.1, 2.2, 2.3 and 2.4. contain an XML External EntityXXE Injection vulnerability. A remote unauthenticated malicious user could potentially exploit this...
Sql injection
Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data Protection Appliance IDPA versions 2.0, 2.1, 2.2, 2.3 and 2.4. contain an XML External EntityXXE Injection vulnerability. A remote unauthenticated malicious user could potentially exploit this...
CVE-2019-3752
CVE-2019-3752 impacts Dell EMC Avamar Server (versions 7.4.1, 7.5.0, 7.5.1, 18.2, 19.1) and Dell EMC Integrated Data Protection Appliance (IDPA) (2.0–2.4). It is an XML External Entity (XXE) Injection vulnerability allowing a remote unauthenticated attacker to cause Denial of Service or informati...
CVE-2019-3765
Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data Protection Appliance IDPA versions 2.0, 2.1, 2.2, 2.3 and 2.4 contain an Incorrect Permission Assignment for Critical Resource vulnerability. A remote authenticated malicious user potentially could...
Code injection
Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data Protection Appliance IDPA versions 2.0, 2.1, 2.2, 2.3 and 2.4 contain an Incorrect Permission Assignment for Critical Resource vulnerability. A remote authenticated malicious user potentially could...
CVE-2019-3765
Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data Protection Appliance IDPA versions 2.0, 2.1, 2.2, 2.3 and 2.4 contain an Incorrect Permission Assignment for Critical Resource vulnerability. A remote authenticated malicious user potentially could...
CVE-2019-3765
Summary (CVE-2019-3765): Dell EMC Avamar Server (versions 7.4.1, 7.5.0, 7.5.1, 18.2, 19.1) and Dell EMC Integrated Data Protection Appliance (IDPA) (versions 2.0–2.4) are affected by an Incorrect Permission Assignment for a Critical Resource vulnerability. A remote authenticated attacker could vi...
CVE-2018-11067
Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance IDPA versions 2.0, 2.1 and 2.2 contain an open redirection vulnerability. A remote unauthenticated attacker could...
CVE-2018-11066
Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance IDPA versions 2.0, 2.1 and 2.2 contain a Remote Code Execution vulnerability. A remote unauthenticated attacker could...
CVE-2018-11077
'getlogs' utility in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1 and 18.1 and Dell EMC Integrated Data Protection Appliance IDPA versions 2.0, 2.1 and 2.2 is affected by an OS command injection vulnerability. A malicious Avamar admin user may potentially...
CVE-2018-11067 Dell EMC Avamar and Integrated Data Protection Appliance Open Redirection Vulnerability
Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance IDPA versions 2.0, 2.1 and 2.2 contain an open redirection vulnerability. A remote unauthenticated attacker could...
CVE-2018-11067
CVE-2018-11067 is an open redirection vulnerability affecting Dell EMC Avamar Client Manager in Avamar Server (versions 7.2.x–18.1) and IDPA 2.0–2.2. An unauthenticated remote attacker could lure users to arbitrary URLs via crafted links, enabling phishing. Public records also document VMware vSp...
CVE-2018-11076
CVE-2018-11076 is disclosed in VMware vSphere Data Protection (VDP). The issue is a command-injection vulnerability in the getlogs troubleshooting utility that could let an authenticated admin execute arbitrary commands as root. Affected products/versions: VDP 6.0.x (before 6.0.9) and 6.1.x (befo...
CVE-2018-11066 Dell EMC Avamar and Integrated Data Protection Appliance Remote Code Execution Vulnerability
Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance IDPA versions 2.0, 2.1 and 2.2 contain a Remote Code Execution vulnerability. A remote unauthenticated attacker could...
CVE-2018-11048
CVE-2018-11048 affects Dell EMC Data Protection Advisor (DPA) versions 6.2, 6.3, 6.4, 6.5 and IDPA 2.0, 2.1, with a XML External Entity (XXE) Injection in the REST API. An authenticated remote attacker could read certain server files or cause a denial of service by sending crafted DTDs in XML req...