Dell EMC Avamar Server versions 7.4.1 Incorrect Permission Assignment for Critical Resource Vulnerability

Summary

Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1, 2.2, 2.3 and 2.4 contain an Incorrect Permission Assignment for Critical Resource vulnerability.

Credit:

The information has been provided by Vendor

The original article can be found at:  https://www.dell.com/support/security/en-us/details/537649/DSA-2019-138-Dell-EMC-Avamar-Incorrect-Permission-Assignment-for-Critical-Resource-Vulnerability


Details

A remote authenticated malicious user potentially could exploit this vulnerability to view or modify sensitive backup data. This could be used to make backups corrupt or potentially to trick a user into restoring a backup with malicious files in place.

Vulnerable Systems:

Dell EMC Avamar Server versions 7.4.1  

CVE Information:

CVE-2019-3765

Disclosure Timeline:
Published Date:10/09/2019