Lucene search

K

6 matches found

CVE
CVE
added 2011/09/19 12:2 p.m.39 views

CVE-2011-1740

EMC Avamar 4.x, 5.0.x, and 6.0.x before 6.0.0-592 allows remote authenticated users to modify client data or obtain sensitive information about product activities by leveraging privileged access to a different domain.

7.7CVSS6AI score0.00361EPSS
CVE
CVE
added 2013/05/03 11:57 a.m.38 views

CVE-2013-0945

EMC Avamar Client before 6.1.101-89 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

9.3CVSS6.7AI score0.00201EPSS
CVE
CVE
added 2011/03/16 10:55 p.m.31 views

CVE-2011-0442

The service utility in EMC Avamar 5.x before 5.0.4 uses cleartext to transmit event details in (1) service requests and (2) e-mail messages, which might allow remote attackers to obtain sensitive information by sniffing the network.

3.5CVSS6.4AI score0.00385EPSS
CVE
CVE
added 2013/01/21 9:55 p.m.31 views

CVE-2012-2291

EMC Avamar Client 4.x, 5.x, and 6.x on HP-UX and Mac OS X, and the EMC Avamar plugin 4.x, 5.x, and 6.x for Oracle, uses world-writable permissions for cache directories, which allows local users to gain privileges via an unspecified symlink attack.

7.2CVSS6.9AI score0.00032EPSS
CVE
CVE
added 2013/05/03 11:57 a.m.31 views

CVE-2013-0944

The web-based file-restore interface in EMC Avamar Server before 6.1.0 allows remote authenticated users to read arbitrary files via a crafted URL.

3.5CVSS6.3AI score0.00162EPSS
CVE
CVE
added 2011/03/16 10:55 p.m.30 views

CVE-2011-0648

Unspecified vulnerability in EMC Avamar before 5.0.4-30 allows remote authenticated users to gain privileges via unknown vectors.

8.5CVSS6.6AI score0.02531EPSS