Path Traversal Vulnerability in EMC Avamar Server, NetWorker Virtual Edition, and Integrated Data Protection Appliance

Path Traversal Vulnerability in EMC Avamar Server, NetWorker Virtual Edition, and Integrated Data Protection Appliance

CVE-2017-15550 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote authenticated malicious user with low privileges could access arbitrary files on the server file system in the context of the running vulnerable application via Path traversal.

Learn more about our Cis Benchmark Audit For Server Software.