EMC Avamar 6.1 for VMware

CPE Details

EMC Avamar 6.1 for VMware
emc
avamar
6.1
2012-10-31
11h58 +00:00
2012-11-01
01h04 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:emc:avamar:6.1:-:*:*:*:vmware:*:*

Informations

Vendor

emc

Product

avamar

Version

6.1

Update

-

Target Software

vmware

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2016-0906 2016-07-06 12h00 +00:00 The web-restore interface in Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar through 7.1.2 and 7.2.x through 7.2.1 allows remote authenticated users to read or delete directories via a Linux backup-restore operation.
8.8
High
CVE-2014-4623 2014-10-25 08h00 +00:00 EMC Avamar 6.0.x, 6.1.x, and 7.0.x in Avamar Data Store (ADS) GEN4(S) and Avamar Virtual Edition (AVE), when Password Hardening before 2.0.0.4 is enabled, uses UNIX DES crypt for password hashing, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack.
4.3
CVE-2013-0945 2013-05-03 10h00 +00:00 EMC Avamar Client before 6.1.101-89 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
9.3
CVE-2012-4610 2012-10-31 09h00 +00:00 EMC Avamar Client for VMware 6.1 stores the cleartext server root password on the proxy client, which might allow remote attackers to obtain sensitive information by leveraging "network access" to the proxy client.
3.3