CVE-2017-4989 Information
Feb 14, 2021
cve
Description
In EMC Avamar Server Software 7.3.1-125 7.3.0-233 7.3.0-226 7.2.1-32 7.2.1-31 7.2.0-401 an unauthenticated remote attacker may potentially bypass the authentication process to gain access to the system maintenance page. This may be exploited by an attacker to view sensitive information perform software updates or run maintenance workflows.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Reference
http://www.securityfocus.com/archive/1/540754/30/0/threaded http://www.securityfocus.com/bid/99243 http://www.securitytracker.com/id/1038718
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
HIGH
Base Severity
9.8
Share on: