Home
MEDIUM: 4.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:LDefault status
unaffected
19.8 through 19.12 (semver) before Version 19.12 with CHF 338905 or later
affected
Default status
unaffected
19.8 through 19.12 (semver) before Version 19.12 with CHF 338905 or later
affected
Default status
unaffected
Any version before Version 2.7.9 with AV CHF 338905
affected
Description
Dell Avamar, versions prior to 19.12 with patch 338905, contains an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Security. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to information disclosure.
Problem types
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Product status
19.8 through 19.12 (semver) before Version 19.12 with CHF 338905 or later
19.8 through 19.12 (semver) before Version 19.12 with CHF 338905 or later
Any version before Version 2.7.9 with AV CHF 338905
Credits
Dell would like to thank zzcentury for reporting this issue
References
www.dell.com/...mar-virtual-edition-multiple-vulnerabilities