Back to search
CVE-2018-11077
Published: Nov 26, 2018
Modified: Sep 17, 2024
PUBLISHED
Description
'getlogs' utility in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1 and 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 is affected by an OS command injection vulnerability. A malicious Avamar admin user may potentially be able to execute arbitrary commands under root privilege.
| Vendor | Product | Versions |
|---|---|---|
Dell EMC | Avamar | affected 7.2.0affected 7.2.1affected 7.3.0affected 7.3.1affected 7.4.0+4 more versions |
Dell EMC | Integrated Data Protection Appliance | affected 2.0affected 2.1affected 2.2 |
References
https://www.vmware.com/security/advisories/VMSA-2018-0029.html
x_refsource_CONFIRM
20181120 DSA-2018-155: Dell EMC Avamar and Integrated Data Protection Appliance Command Injection Vulnerability
mailing-list
x_refsource_FULLDISC
105971
vdb-entry
x_refsource_BID
1042153
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now