CVE-2013-3275

EMC Avamar Server & Avamar Virtual Edition <7.0 - Info Disclosure

Title source: llm
STIX 2.1

Description

EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platforms do not properly restrict use of FRAME elements, which makes it easier for remote attackers to obtain sensitive information via a crafted web site, related to "cross frame scripting vulnerabilities."

References (1)

Core 1
Core References
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2013-07/0114.html

Scores

EPSS 0.0029
EPSS Percentile 51.9%

Details

CWE
CWE-20
Status published
Products (10)
emc/avamar_server 4.0
emc/avamar_server 4.1
emc/avamar_server 5.0
emc/avamar_server 6.0
emc/avamar_server < 6.1
emc/avamar_server_virtual_edition 4.0
emc/avamar_server_virtual_edition 4.1
emc/avamar_server_virtual_edition 5.0
emc/avamar_server_virtual_edition 6.0
emc/avamar_server_virtual_edition < 6.1
Published Jul 19, 2013
Tracked Since Feb 18, 2026