Vulnerability Details CVE-2017-15548
An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote unauthenticated malicious user can potentially bypass application authentication and gain unauthorized root access to the affected systems.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 36.2%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
Products affected by CVE-2017-15548
-
cpe:2.3:a:emc:avamar_server:7.1-145
-
cpe:2.3:a:emc:avamar_server:7.1-21
-
cpe:2.3:a:emc:avamar_server:7.1-302
-
cpe:2.3:a:emc:avamar_server:7.1-370
-
cpe:2.3:a:emc:avamar_server:7.2-309
-
cpe:2.3:a:emc:avamar_server:7.2-32
-
cpe:2.3:a:emc:avamar_server:7.2-401
-
cpe:2.3:a:emc:avamar_server:7.3-125
-
cpe:2.3:a:emc:avamar_server:7.3-211
-
cpe:2.3:a:emc:avamar_server:7.3-226
-
cpe:2.3:a:emc:avamar_server:7.3-233
-
cpe:2.3:a:emc:avamar_server:7.4-242
-
cpe:2.3:a:emc:avamar_server:7.4-58
-
cpe:2.3:a:emc:avamar_server:7.5-183
-
cpe:2.3:a:emc:integrated_data_protection_appliance:2.0
-
cpe:2.3:a:emc:networker:9.0
-
cpe:2.3:a:emc:networker:9.1
-
cpe:2.3:a:emc:networker:9.2