Skip to main content

Emc Integrated Data Protection Appliance

11 CVEs product

Monthly

CVE-2021-21601 HIGH PATCH This Week

Dell EMC Data Protection Search, 19.4 and prior, and IDPA, 2.6.1 and prior, contain an Information Exposure in Log File Vulnerability in CIS. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Dell Information Disclosure Emc Data Protection Search Emc Integrated Data Protection Appliance
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-21511 HIGH This Week

Dell EMC Avamar Server, versions 19.3 and 19.4 contain an Improper Authorization vulnerability in the web UI. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Authentication Bypass Emc Avamar Server Emc Integrated Data Protection Appliance
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2020-5350 HIGH This Week

Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 contain a command injection vulnerability in the ACM component. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Dell Emc Integrated Data Protection Appliance
NVD
CVSS 3.1
7.2
EPSS
2.0%
CVE-2019-3765 HIGH This Week

Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1, 2.2, 2.3 and 2.4 contain an Incorrect Permission. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Avamar Server Emc Integrated Data Protection Appliance
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2018-11077 MEDIUM PATCH This Month

'getlogs' utility in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1 and 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Dell Command Injection Emc Avamar Emc Integrated Data Protection Appliance Vsphere Data Protection
NVD
CVSS 3.0
6.7
EPSS
1.0%
CVE-2018-11076 MEDIUM PATCH This Month

Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0 and 7.4.1 and Dell EMC Integrated Data Protection Appliance (IDPA) 2.0 are affected by an information exposure vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Java Dell Information Disclosure Emc Avamar Emc Integrated Data Protection Appliance +1
NVD
CVSS 3.0
6.5
EPSS
0.8%
CVE-2018-11067 MEDIUM PATCH This Month

Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0,. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

Dell Open Redirect Emc Avamar Emc Integrated Data Protection Appliance Vsphere Data Protection
NVD
CVSS 3.0
6.1
EPSS
1.8%
CVE-2018-11066 CRITICAL PATCH Act Now

Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Dell RCE Emc Avamar Emc Integrated Data Protection Appliance Vsphere Data Protection
NVD
CVSS 3.0
9.8
EPSS
9.9%
CVE-2018-11062 HIGH This Week

Integrated Data Protection Appliance versions 2.0, 2.1, and 2.2 contain undocumented accounts named 'support' and 'admin' that are protected with default passwords. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Emc Integrated Data Protection Appliance
NVD
CVSS 3.0
8.8
EPSS
1.8%
CVE-2018-11048 HIGH This Week

Dell EMC Data Protection Advisor, versions 6.2, 6,3, 6.4, 6.5 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 contain a XML External Entity (XXE) Injection vulnerability in. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell XXE Denial Of Service Emc Data Protection Advisor Emc Integrated Data Protection Appliance
NVD
CVSS 3.1
8.1
EPSS
2.1%
CVE-2018-1217 CRITICAL POC THREAT Act Now

Avamar Installation Manager in Dell EMC Avamar Server 7.3.1, 7.4.1, and 7.5.0, and Dell EMC Integrated Data Protection Appliance 2.0 and 2.1, is affected by a missing access control check. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Dell Emc Avamar Emc Integrated Data Protection Appliance
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
46.6%
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Dell EMC Data Protection Search, 19.4 and prior, and IDPA, 2.6.1 and prior, contain an Information Exposure in Log File Vulnerability in CIS. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Dell Information Disclosure Emc Data Protection Search +1
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Dell EMC Avamar Server, versions 19.3 and 19.4 contain an Improper Authorization vulnerability in the web UI. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Authentication Bypass Emc Avamar Server +1
NVD
EPSS 2% CVSS 7.2
HIGH This Week

Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 contain a command injection vulnerability in the ACM component. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Dell Emc Integrated Data Protection Appliance
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1, 2.2, 2.3 and 2.4 contain an Incorrect Permission. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Avamar Server +1
NVD
EPSS 1% CVSS 6.7
MEDIUM PATCH This Month

'getlogs' utility in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1 and 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Dell Command Injection Emc Avamar +2
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0 and 7.4.1 and Dell EMC Integrated Data Protection Appliance (IDPA) 2.0 are affected by an information exposure vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Java Dell Information Disclosure +3
NVD
EPSS 2% CVSS 6.1
MEDIUM PATCH This Month

Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0,. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

Dell Open Redirect Emc Avamar +2
NVD
EPSS 10% CVSS 9.8
CRITICAL PATCH Act Now

Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Dell RCE Emc Avamar +2
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Integrated Data Protection Appliance versions 2.0, 2.1, and 2.2 contain undocumented accounts named 'support' and 'admin' that are protected with default passwords. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Emc Integrated Data Protection Appliance
NVD
EPSS 2% CVSS 8.1
HIGH This Week

Dell EMC Data Protection Advisor, versions 6.2, 6,3, 6.4, 6.5 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 contain a XML External Entity (XXE) Injection vulnerability in. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell XXE Denial Of Service +2
NVD
EPSS 47% CVSS 9.8
CRITICAL POC THREAT Act Now

Avamar Installation Manager in Dell EMC Avamar Server 7.3.1, 7.4.1, and 7.5.0, and Dell EMC Integrated Data Protection Appliance 2.0 and 2.1, is affected by a missing access control check. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Dell Emc Avamar +1
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy