VYPR
Critical severity9.8NVD Advisory· Published Jun 21, 2017· Updated Jun 17, 2026

CVE-2017-4989

CVE-2017-4989

Description

In EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401, an unauthenticated remote attacker may potentially bypass the authentication process to gain access to the system maintenance page. This may be exploited by an attacker to view sensitive information, perform software updates, or run maintenance workflows.

Affected products

6
  • cpe:2.3:a:emc:avamar_server:7.2.0-401:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:emc:avamar_server:7.2.0-401:*:*:*:*:*:*:*
    • cpe:2.3:a:emc:avamar_server:7.2.1-31:*:*:*:*:*:*:*
    • cpe:2.3:a:emc:avamar_server:7.2.1-32:*:*:*:*:*:*:*
    • cpe:2.3:a:emc:avamar_server:7.3.0-226:*:*:*:*:*:*:*
    • cpe:2.3:a:emc:avamar_server:7.3.0-233:*:*:*:*:*:*:*
    • cpe:2.3:a:emc:avamar_server:7.3.1-125:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.