CVE-2020-29494
Description
Dell EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a Path Traversal Vulnerability in PDM. A remote user could potentially exploit this vulnerability, to gain unauthorized write access to the arbitrary files stored on the server filesystem, causing deletion of arbitrary files.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Path traversal in Dell EMC Avamar Server PDM allows authenticated remote users to delete arbitrary files.
Vulnerability
A path traversal vulnerability exists in the PDM component of Dell EMC Avamar Server versions 19.1, 19.2, and 19.3. An attacker with high privileges can exploit this to gain unauthorized write access to arbitrary files on the server filesystem [1].
Exploitation
An attacker with high privileges (e.g., administrative access) can send specially crafted HTTP requests to the PDM component to perform path traversal, leading to deletion of arbitrary files. No user interaction is required, and the attack is over the network [1].
Impact
Successful exploitation results in unauthorized deletion of arbitrary files on the server, affecting integrity and availability. Confidentiality is not impacted. The CVSS base score is 8.7 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H) [1].
Mitigation
Dell recommends upgrading to a fixed version of Avamar Server. The advisory [1] urges customers to upgrade at the earliest opportunity. No workaround is provided in the available references.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: <=19.3
- Range: unspecified
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.