Critical severity9.8NVD Advisory· Published Jun 21, 2017· Updated Jun 17, 2026
CVE-2017-4989
CVE-2017-4989
Description
In EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401, an unauthenticated remote attacker may potentially bypass the authentication process to gain access to the system maintenance page. This may be exploited by an attacker to view sensitive information, perform software updates, or run maintenance workflows.
Affected products
6cpe:2.3:a:emc:avamar_server:7.2.0-401:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:emc:avamar_server:7.2.0-401:*:*:*:*:*:*:*
- cpe:2.3:a:emc:avamar_server:7.2.1-31:*:*:*:*:*:*:*
- cpe:2.3:a:emc:avamar_server:7.2.1-32:*:*:*:*:*:*:*
- cpe:2.3:a:emc:avamar_server:7.3.0-226:*:*:*:*:*:*:*
- cpe:2.3:a:emc:avamar_server:7.3.0-233:*:*:*:*:*:*:*
- cpe:2.3:a:emc:avamar_server:7.3.1-125:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
3- www.securityfocus.com/archive/1/540754/30/0/threadednvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/99243nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1038718nvd
News mentions
0No linked articles in our index yet.