CVE-2015-4527
EMC Avamar Server and Avamar Virtual Edition 7.x - Directory Traversal via Avamar Desktop/Laptop Client Interface
Title source: llmDescription
Directory traversal vulnerability in EMC Avamar Server 7.x before 7.1.2 and Avamar Virtual Addition (AVE) 7.x before 7.1.2 allows remote attackers to read arbitrary files by using the Avamar Desktop/Laptop client interface to send crafted parameters.
References (2)
Core 2
Core References
Mailing List mailing-list
x_refsource_bugtraq
http://seclists.org/bugtraq/2015/Jul/110
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1033026
Scores
EPSS
0.0057
EPSS Percentile
68.9%
Details
CWE
CWE-200
Status
published
Products (2)
emc/avamar_server
7.1
emc/avamar_server_virtual_edition
7.1
Published
Jul 23, 2015
Tracked Since
Feb 18, 2026