Description
The web-based file-restore interface in EMC Avamar Server before 6.1.0 allows remote authenticated users to read arbitrary files via a crafted URL.
References (1)
Core 1
Core References
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2013-05/0012.html
Scores
EPSS
0.0016
EPSS Percentile
36.7%
Details
CWE
CWE-200
Status
published
Products (7)
emc/avamar
5.0 (3 CPE variants)
emc/avamar
5.0.0-407
emc/avamar
5.0.4-26
emc/avamar
6.0
emc/avamar
6.0.1
emc/avamar
6.0.2
emc/avamar
6.0.3
Published
May 03, 2013
Tracked Since
Feb 18, 2026