Emc Avamar Server Security Vulnerabilities and Issues — Emc Avamar Server CVE List

Lucene search

DellEmc Avamar Server

10 matches found

CVE•added 2021/07/16 10:15 p.m.•192 views

CVE-2019-3752

Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1, 2.2, 2.3 and 2.4. contain an XML External Entity(XXE) Injection vulnerability. A remote unauthenticated malicious user could potentially exploit this vulner...

8.2CVSS8.1AI score0.00376EPSS

CVE•added 2021/07/29 4:15 p.m.•51 views

CVE-2020-5329

Dell EMC Avamar Server contains an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect application users to arbitrary web URLs by tricking the victim users to click on maliciously crafted links.

6.1CVSS6.3AI score0.00203EPSS

CVE•added 2021/01/14 9:15 p.m.•48 views

CVE-2020-29493

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a SQL Injection Vulnerability in Fitness Analyzer. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database, causing unauthorized ...

10CVSS9.7AI score0.05795EPSS

CVE•added 2021/07/28 12:15 a.m.•48 views

CVE-2020-5341

Deserialization of Untrusted Data Vulnerability Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2, 19.1 and 19.2 and Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 and 2.4.1 contain a Deserialization of Untrusted Data Vulnerability. A remote unauthenticated a...

10CVSS9.3AI score0.1271EPSS

CVE•added 2021/01/14 9:15 p.m.•45 views

CVE-2020-29495

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain an OS Command Injection Vulnerability in Fitness Analyzer. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS with high privil...

10CVSS9.7AI score0.1549EPSS

CVE•added 2021/01/14 9:15 p.m.•42 views

CVE-2020-29494

Dell EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a Path Traversal Vulnerability in PDM. A remote user could potentially exploit this vulnerability, to gain unauthorized write access to the arbitrary files stored on the server filesystem, causing deletion of arbitrary files.

8.7CVSS8.5AI score0.00963EPSS

CVE•added 2021/02/15 10:15 p.m.•34 views

CVE-2021-21511

Dell EMC Avamar Server, versions 19.3 and 19.4 contain an Improper Authorization vulnerability in the web UI. A remote low privileged attacker could potentially exploit this vulnerability, to gain unauthorized read or modification access to other users' backup data.

8.1CVSS7.9AI score0.00152EPSS

CVE•added 2021/12/21 5:15 p.m.•33 views

CVE-2021-36317

Dell EMC Avamar Server version 19.4 contains a plain-text password storage vulnerability in AvInstaller. A local attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulner...

6.7CVSS6.9AI score0.00043EPSS

CVE•added 2021/12/21 5:15 p.m.•31 views

CVE-2021-36316

Dell EMC Avamar Server versions 18.2, 19.1, 19.2, 19.3, and 19.4 contain an improper privilege management vulnerability in AUI. A malicious user with high privileges could potentially exploit this vulnerability, leading to the disclosure of the AUI info and performing some unauthorized operation on...

7.2CVSS6.8AI score0.00226EPSS

CVE•added 2021/12/21 5:15 p.m.•31 views

CVE-2021-36318

Dell EMC Avamar versions 18.2,19.1,19.2,19.3,19.4 contain a plain-text password storage vulnerability. A high privileged user could potentially exploit this vulnerability, leading to a complete outage.

6.7CVSS6.9AI score0.0006EPSS