cbcvebase.
CVE-2017-15550
published 2018-01-05

CVE-2017-15550: An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated…

PriorityP358high8.8CVSS 3.0
AVNACLPRLUINSUCHIHAH
EPSS
8.23%
94.2th percentile
An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote authenticated malicious user with low privileges could access arbitrary files on the server file system in the context of the running vulnerable application via Path traversal.

Affected

18 ranges
VendorProductVersion rangeFixed in
emcavamar_server
emcavamar_server
emcavamar_server
emcavamar_server
emcavamar_server
emcavamar_server
emcavamar_server
emcavamar_server
emcavamar_server
emcavamar_server
emcavamar_server
emcavamar_server
emcavamar_server
emcavamar_server
emcintegrated_data_protection_appliance
emcnetworker
emcnetworker
emcnetworker

CVSS provenance

nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.09.0CRITICALAV:N/AC:L/Au:S/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.