Unrated severityNVD Advisory· Published Oct 9, 2019· Updated Sep 16, 2024

CVE-2019-3765

Description

Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1, 2.2, 2.3 and 2.4 contain an Incorrect Permission Assignment for Critical Resource vulnerability. A remote authenticated malicious user potentially could exploit this vulnerability to view or modify sensitive backup data. This could be used to make backups corrupt or potentially to trick a user into restoring a backup with malicious files in place.

Affected products

Dell/EMC Integrated Data Protection Appliance (IDPA)llm-fuzzy
Range: 2.0, 2.1, 2.2, 2.3, 2.4
EMC Corporation/Avamar Serverllm-fuzzy
Range: 7.4.1, 7.5.0, 7.5.1, 18.2, 19.1
Dell/Avamarv5
Range: 7.4.1
Dell/Integrated Data Protection Appliancev5
Range: 2.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.dell.com/support/security/en-us/details/537649/DSA-2019-138-Dell-EMC-Avamar-Incorrect-Permission-Assignment-for-Critical-Resource-Vulnerabilitymitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000