Remote Directory Read and Delete Vulnerability in EMC Avamar

Remote Directory Read and Delete Vulnerability in EMC Avamar

CVE-2016-0906 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

The web-restore interface in Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar through 7.1.2 and 7.2.x through 7.2.1 allows remote authenticated users to read or delete directories via a Linux backup-restore operation.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.