Description
EMC Avamar 4.x, 5.0.x, and 6.0.x before 6.0.0-592 allows remote authenticated users to modify client data or obtain sensitive information about product activities by leveraging privileged access to a different domain.
References (5)
Core 5
Core References
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2011-09/0076.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/69760
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/46002
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1026035
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/45988
Scores
EPSS
0.0036
EPSS Percentile
58.3%
Details
CWE
CWE-264
Status
published
Products (6)
emc/avamar
4.0
emc/avamar
4.1
emc/avamar
5.0 (3 CPE variants)
emc/avamar
5.0.0-407
emc/avamar
5.0.4-26
emc/avamar
6.0
Published
Sep 19, 2011
Tracked Since
Feb 18, 2026