CVE-2017-4989

In EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401, an unauthenticated remote attacker may potentially bypass the authentication process to gain access to the system maintenance page. This may be exploited by an attacker to view sensitive information, perform software updates, or run maintenance workflows.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:emc:avamar_server:7.2.0-401:*:*:*:*:*:*:*
cpe:2.3:a:emc:avamar_server:7.2.1-31:*:*:*:*:*:*:*
cpe:2.3:a:emc:avamar_server:7.2.1-32:*:*:*:*:*:*:*
cpe:2.3:a:emc:avamar_server:7.3.0-226:*:*:*:*:*:*:*
cpe:2.3:a:emc:avamar_server:7.3.0-233:*:*:*:*:*:*:*
cpe:2.3:a:emc:avamar_server:7.3.1-125:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-06-21 20:29

Updated : 2023-12-10 12:15


NVD link : CVE-2017-4989

Mitre link : CVE-2017-4989

CVE.ORG link : CVE-2017-4989


JSON object : View

Products Affected

emc

  • avamar_server
CWE
CWE-287

Improper Authentication