Avamar Server@* Security Vulnerabilities and Issues — Avamar Server@* CVE List

Lucene search

EmcAvamar Server*

5 matches found

CVE•added 2016/09/21 2:59 a.m.•43 views

CVE-2016-0903

Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 rely on client-side authentication, which allows remote attackers to spoof clients and read backup data via a modified client agent.

9.1CVSS8.8AI score0.00627EPSS

CVE•added 2016/09/21 2:59 a.m.•40 views

CVE-2016-0920

Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 allow local users to obtain root access via a crafted parameter to a command that is available in the sudo configuration.

7.8CVSS7.6AI score0.00132EPSS

CVE•added 2016/09/21 2:59 a.m.•37 views

CVE-2016-0904

Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 use the same encryption key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms and obtain sensitive client-server traffic information by...

8.6CVSS8.4AI score0.00307EPSS

CVE•added 2016/09/21 2:59 a.m.•34 views

CVE-2016-0921

Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 use weak permissions for unspecified directories, which allows local users to obtain root access by replacing a script with a Trojan horse program.

6.9CVSS6.8AI score0.00104EPSS

CVE•added 2016/09/21 2:59 a.m.•30 views

CVE-2016-0905

Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 allow local users to obtain root privileges by leveraging admin access and entering a sudo command.

7.2CVSS6.8AI score0.00138EPSS