Security restrictions bypass in Dell EMC Avamar Server and Integrated Data Protection Appliance
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2018-1217 |
| CWE-ID | CWE-284 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #1 is available. |
| Vulnerable software Subscribe |
EMC Avamar Client/Desktop applications / Software for system administration EMC Integrated Data Protection Appliance Server applications / IDS/IPS systems, Firewalls and proxy servers |
| Vendor | Dell |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Improper access control
EUVDB-ID: #VU11623
Risk: Low
CVSSv3.1: 8.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-1217
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to obtain potentially sensitive information and write arbitrary files on the target system.
The weakness exists due to improper access control. A remote attacker can view or modify the LDLS credentials, which are used to authenticate to Dell EMC Online Support.
Update to 7.3.1 - HOTFIX 290316, 7.4.1 - HOTFIX 291882 or 7.5.0 - HOTFIX 291881.
Vulnerable software versionsEMC Avamar: 7.3.1 - 7.5.0
EMC Integrated Data Protection Appliance: 2.0 - 2.1
External linkshttp://seclists.org/fulldisclosure/2018/Apr/14
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
