Deserialization of Untrusted Data Vulnerability in Dell EMC Avamar Server and Integrated Data Protection Appliance

Deserialization of Untrusted Data Vulnerability in Dell EMC Avamar Server and Integrated Data Protection Appliance

CVE-2020-5341 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Deserialization of Untrusted Data Vulnerability Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2, 19.1 and 19.2 and Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 and 2.4.1 contain a Deserialization of Untrusted Data Vulnerability. A remote unauthenticated attacker could exploit this vulnerability to send a serialized payload that would execute code on the system.

Learn more about our Cis Benchmark Audit For Server Software.