CVE-2018-11066
published 2018-11-26

CVE-2018-11066: Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data…

Priority P270 · critical · 9.8 (CVSS 3.0)
AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
EPSS: 9.91% (95.0th percentile)
Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 contain a Remote Code Execution vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to execute arbitrary commands on the server.

Affected

44 ranges · showing 25
Vendor | Product | Version range | Fixed in
dell | emc_avamar
dell | emc_avamar
dell | emc_avamar
dell | emc_avamar
dell | emc_avamar
dell | emc_avamar
dell | emc_avamar
dell | emc_avamar
dell | emc_avamar
dell | emc_integrated_data_protection_appliance
dell | emc_integrated_data_protection_appliance
dell | emc_integrated_data_protection_appliance
dell_emc | avamar
dell_emc | avamar
dell_emc | avamar
dell_emc | avamar
dell_emc | avamar
dell_emc | avamar
dell_emc | avamar
dell_emc | avamar
dell_emc | avamar
dell_emc | integrated_data_protection_appliance
dell_emc | integrated_data_protection_appliance
dell_emc | integrated_data_protection_appliance
vmware | vmware_vsphere

Detection & IOCs (extracted from sources)

  • CVE-2018-11066 is a remote code execution vulnerability in Dell EMC Avamar Client Manager (and VDP) exploitable by a remote unauthenticated attacker; monitor for unexpected process execution or command activity originating from the Avamar/VDP server process
  • VDP (vSphere Data Protection) is based on Dell EMC Avamar Virtual Edition and shares the same RCE vulnerability; treat VDP appliances as equally exposed attack surface
  • No mitigation or workaround exists for CVE-2018-11066 in VDP 6.0.x or 6.1.x; patching to 6.1.10 or 6.0.9 respectively is the only remediation — unpatched instances should be treated as actively exploitable
  • Affected Dell EMC Avamar Server versions are 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, and 18.1; affected IDPA versions are 2.0, 2.1, and 2.2 — scope detection rules to these version ranges
  • CVE-2018-11066 severity is rated Critical for VDP; prioritize detection and patching above co-located vulnerabilities CVE-2018-11067 (Important) and CVE-2018-11076 (Important) which affect the same appliance

CVSS provenance

nvd | v3.0 | 9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd | v2.0 | 10.0 | CRITICAL | AV:N/AC:L/Au:N/C:C/I:C/A:C