Information disclosure in Emc Avamar_server
CVE-2015-4527
Directory traversal vulnerability in EMC Avamar Server 7.x before 7.1.2 and Avamar Virtual Addition (AVE) 7.x before 7.1.2 allows remote attackers to read arbitrary files by using the Avamar Desktop/Laptop client interface to send crafted…
Vulnerability class: Information Disclosure
EPSS: 0.027 (84.3th percentile) — read the EPSS interpretation.
Affected products
- Emc Avamar_server — versions 7.1
- Emc Avamar_server_virtual_edition — versions 7.1
- N/a — versions n/a
Weakness classification (CWE)
References
- security_alert@emc.com (mailing-list, x_refsource_BUGTRAQ)
- security_alert@emc.com (vdb-entry, x_refsource_SECTRACK)