Arbitrary File Upload Vulnerability in EMC Avamar Server, EMC NetWorker Virtual Edition, and EMC Integrated Data Protection Appliance
CVE-2017-15549 · HIGH Severity
AV:N/AC:L/AU:S/C:C/I:C/A:C
An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote authenticated malicious user with low privileges could potentially upload arbitrary maliciously crafted files in any location on the server file system.
Learn more about our Cis Benchmark Audit For Server Software.