Vulnerability Details CVE-2017-15550
An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote authenticated malicious user with low privileges could access arbitrary files on the server file system in the context of the running vulnerable application via Path traversal.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.018
EPSS Ranking 81.9%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.0
References
Products affected by CVE-2017-15550
-
cpe:2.3:a:emc:avamar_server:7.1-145
-
cpe:2.3:a:emc:avamar_server:7.1-21
-
cpe:2.3:a:emc:avamar_server:7.1-302
-
cpe:2.3:a:emc:avamar_server:7.1-370
-
cpe:2.3:a:emc:avamar_server:7.2-309
-
cpe:2.3:a:emc:avamar_server:7.2-32
-
cpe:2.3:a:emc:avamar_server:7.2-401
-
cpe:2.3:a:emc:avamar_server:7.3-125
-
cpe:2.3:a:emc:avamar_server:7.3-211
-
cpe:2.3:a:emc:avamar_server:7.3-226
-
cpe:2.3:a:emc:avamar_server:7.3-233
-
cpe:2.3:a:emc:avamar_server:7.4-242
-
cpe:2.3:a:emc:avamar_server:7.4-58
-
cpe:2.3:a:emc:avamar_server:7.5-183
-
cpe:2.3:a:emc:integrated_data_protection_appliance:2.0
-
cpe:2.3:a:emc:networker:9.0
-
cpe:2.3:a:emc:networker:9.1
-
cpe:2.3:a:emc:networker:9.2