Remote Unauthenticated Root Access Vulnerability in EMC Avamar Server, NetWorker Virtual Edition, and Integrated Data Protection Appliance

Remote Unauthenticated Root Access Vulnerability in EMC Avamar Server, NetWorker Virtual Edition, and Integrated Data Protection Appliance

CVE-2017-15548 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote unauthenticated malicious user can potentially bypass application authentication and gain unauthorized root access to the affected systems.

Learn more about our Cis Benchmark Audit For Server Software.