Unauthenticated Remote Access to EMC Avamar Server Software Maintenance Page
CVE-2017-4989 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
In EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401, an unauthenticated remote attacker may potentially bypass the authentication process to gain access to the system maintenance page. This may be exploited by an attacker to view sensitive information, perform software updates, or run maintenance workflows.
Learn more about our Cis Benchmark Audit For Server Software.