Home
HIGH: 8.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:LDefault status
unaffected
19.8 through 19.10 (semver) before 19.10 SP1 with CHF 338904 or later
affected
Default status
unaffected
19.8 through 19.10 (semver) before 19.10 SP1 with CHF 338904 or later
affected
Description
Dell Avamar, versions prior to 19.10 SP1 with patch 338904, contains a Trusting HTTP Permission Methods on the Server-Side vulnerability in Security. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
Problem types
CWE-650: Trusting HTTP Permission Methods on the Server Side
Product status
19.8 through 19.10 (semver) before 19.10 SP1 with CHF 338904 or later
19.8 through 19.10 (semver) before 19.10 SP1 with CHF 338904 or later
References
www.dell.com/...mar-virtual-edition-multiple-vulnerabilities