What is CVE-2019-3752?

CVE-2019-3752 is a high-severity vulnerability in Dell Avamar, classified under Improper Restriction of XML External Entity Reference (XXE). CVSS score: 8.2/10. Published 2021-07-16.

How severe is CVE-2019-3752?

High severity. CVSS v3 base score is 8.2 out of 10.

XXE in Dell Avamar

CVE-2019-3752

Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1, 2.2, 2.3 and 2.4. contain an XML External Entity(XXE) Injection vulnerability. A remote unauthen…

Vulnerability class: XXE (XML External Entity)

EPSS: 0.004 (59.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.2 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H.

Affected products

Dell Avamar — versions 7.4.1, 7.5.0, 7.5.1, 18.2

Weakness classification (CWE)

CWE-611 — Improper Restriction of XML External Entity Reference (XXE)

References

www.dell.com/support/security/en-us/details/537853/DSA-2019-119-Dell-EMC-Avamar… (x_refsource_MISC)

Frequently asked questions

What is CVE-2019-3752?: CVE-2019-3752 is a high-severity vulnerability in Dell Avamar, classified under Improper Restriction of XML External Entity Reference (XXE). CVSS score: 8.2/10. Published 2021-07-16.
How severe is CVE-2019-3752?: High severity. CVSS v3 base score is 8.2 out of 10.