Unrated severityNVD Advisory· Published Nov 26, 2018· Updated Sep 17, 2024
Dell EMC Avamar and Integrated Data Protection Appliance Command Injection Vulnerability
CVE-2018-11077
Description
'getlogs' utility in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1 and 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 is affected by an OS command injection vulnerability. A malicious Avamar admin user may potentially be able to execute arbitrary commands under root privilege.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- Range: 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1
2.0, 2.1, 2.2+ 1 more
- (no CPE)range: 2.0, 2.1, 2.2
- (no CPE)range: 2.0
- Range: 7.2.0
Patches
Vulnerability mechanics
References
4- www.securityfocus.com/bid/105971mitrevdb-entryx_refsource_BID
- www.securitytracker.com/id/1042153mitrevdb-entryx_refsource_SECTRACK
- seclists.org/fulldisclosure/2018/Nov/51mitremailing-listx_refsource_FULLDISC
- www.vmware.com/security/advisories/VMSA-2018-0029.htmlmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.