CVE-2020-5329Open Redirect in Dell Avamar

CWE-601Open Redirect3 documents3 sources
Severity
6.1MEDIUMNVD
EPSS
0.2%
top 57.54%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Dell AvamarDell EMC Avamar Server
Timeline
PublishedJul 29
Latest updateMay 24

Description

Dell EMC Avamar Server contains an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect application users to arbitrary web URLs by tricking the victim users to click on maliciously crafted links.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages2 packages

NVDdell/emc_avamar_server7.3.1, 7.4.1+1
CVEListV5dell/avamar7.3.1, 7.4.1

Patches

Patch: www.dell.comPatch: www.dell.com

🔴Vulnerability Details

2
GHSA
GHSA-fpqr-6jch-4xhq: Dell EMC Avamar Server contains an open redirect vulnerability2022-05-24
CVEList
CVE-2020-5329: Dell EMC Avamar Server contains an open redirect vulnerability2021-07-29
CVE-2020-5329 — Open Redirect in Dell Avamar | cvebase