Shodan
Vulnerabilities
Vulnerable Software
Emc:  >> Avamar  >> 5.0  Security Vulnerabilities
CVE-2016-0906
The web-restore interface in Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar through 7.1.2 and 7.2.x through 7.2.1 allows remote authenticated users to read or delete directories via a Linux backup-restore operation.
CVSS Score
8.8
EPSS Score
0.004
Published
2016-07-06
CVE-2013-0944
The web-based file-restore interface in EMC Avamar Server before 6.1.0 allows remote authenticated users to read arbitrary files via a crafted URL.
CVSS Score
3.5
EPSS Score
0.002
Published
2013-05-03
CVE-2013-0945
EMC Avamar Client before 6.1.101-89 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
CVSS Score
9.3
EPSS Score
0.002
Published
2013-05-03
CVE-2012-2291
EMC Avamar Client 4.x, 5.x, and 6.x on HP-UX and Mac OS X, and the EMC Avamar plugin 4.x, 5.x, and 6.x for Oracle, uses world-writable permissions for cache directories, which allows local users to gain privileges via an unspecified symlink attack.
CVSS Score
7.2
EPSS Score
0.0
Published
2013-01-21
CVE-2011-1740
EMC Avamar 4.x, 5.0.x, and 6.0.x before 6.0.0-592 allows remote authenticated users to modify client data or obtain sensitive information about product activities by leveraging privileged access to a different domain.
CVSS Score
7.7
EPSS Score
0.004
Published
2011-09-19
CVE-2011-0442
The service utility in EMC Avamar 5.x before 5.0.4 uses cleartext to transmit event details in (1) service requests and (2) e-mail messages, which might allow remote attackers to obtain sensitive information by sniffing the network.
CVSS Score
3.5
EPSS Score
0.004
Published
2011-03-16
CVE-2011-0648
Unspecified vulnerability in EMC Avamar before 5.0.4-30 allows remote authenticated users to gain privileges via unknown vectors.
CVSS Score
8.5
EPSS Score
0.025
Published
2011-03-16
CVE-2010-1919
Unspecified vulnerability in EMC Avamar 4.1.x and 5.0 before SP1 allows remote attackers to cause a denial of service (gsan service hang) by sending a crafted message using TCP.
CVSS Score
7.1
EPSS Score
0.017
Published
2010-05-28


Products
Pricing
Contact Us

Shodan ® - All rights reserved