CVE-2017-4989 - OpenCVE

In EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401, an unauthenticated remote attacker may potentially bypass the authentication process to gain access to the system maintenance page. This may be exploited by an attacker to view sensitive information, perform software updates, or run maintenance workflows.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Emc	Avamar Server

Configuration 1 [-]

OR	cpe:2.3:a:emc:avamar_server:7.2.0-401:::::::*
	cpe:2.3:a:emc:avamar_server:7.2.1-31:::::::*
	cpe:2.3:a:emc:avamar_server:7.2.1-32:::::::*
	cpe:2.3:a:emc:avamar_server:7.3.0-226:::::::*
	cpe:2.3:a:emc:avamar_server:7.3.0-233:::::::*
	cpe:2.3:a:emc:avamar_server:7.3.1-125:::::::*

References

Link	Resource
http://www.securityfocus.com/archive/1/540754/30/0/threaded	Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/99243	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1038718

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: dell

Published: 2017-06-21T20:00:00

Updated: 2017-07-06T09:57:01

Reserved: 2016-12-29T00:00:00

Link: CVE-2017-4989

JSON object: View

NVD Information

Status : Modified

Published: 2017-06-21T20:29:00.297

Modified: 2017-07-07T01:29:03.917

Link: CVE-2017-4989

JSON object: View

Redhat Information

No data.

CWE

CWE-287

{"containers": {"cna": {"affected": [{"product": "EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401", "vendor": "n/a", "versions": [{"status": "affected", "version": "EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401"}]}], "datePublic": "2017-06-21T00:00:00", "descriptions": [{"lang": "en", "value": "In EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401, an unauthenticated remote attacker may potentially bypass the authentication process to gain access to the system maintenance page. This may be exploited by an attacker to view sensitive information, perform software updates, or run maintenance workflows."}], "problemTypes": [{"descriptions": [{"description": "Server Authentication Bypass Vulnerability", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-06T09:57:01", "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.securityfocus.com/archive/1/540754/30/0/threaded"}, {"name": "99243", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/99243"}, {"name": "1038718", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1038718"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security_alert@emc.com", "ID": "CVE-2017-4989", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401", "version": {"version_data": [{"version_value": "EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401, an unauthenticated remote attacker may potentially bypass the authentication process to gain access to the system maintenance page. This may be exploited by an attacker to view sensitive information, perform software updates, or run maintenance workflows."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Server Authentication Bypass Vulnerability"}]}]}, "references": {"reference_data": [{"name": "http://www.securityfocus.com/archive/1/540754/30/0/threaded", "refsource": "CONFIRM", "url": "http://www.securityfocus.com/archive/1/540754/30/0/threaded"}, {"name": "99243", "refsource": "BID", "url": "http://www.securityfocus.com/bid/99243"}, {"name": "1038718", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038718"}]}}}}, "cveMetadata": {"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "assignerShortName": "dell", "cveId": "CVE-2017-4989", "datePublished": "2017-06-21T20:00:00", "dateReserved": "2016-12-29T00:00:00", "dateUpdated": "2017-07-06T09:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:emc:avamar_server:7.2.0-401:*:*:*:*:*:*:*", "matchCriteriaId": "5BD7E9AC-6477-4C58-A5CA-E294C2D0AB76", "vulnerable": true}, {"criteria": "cpe:2.3:a:emc:avamar_server:7.2.1-31:*:*:*:*:*:*:*", "matchCriteriaId": "3EB2AC0F-B8B3-4232-B530-D9F01D7ECCB8", "vulnerable": true}, {"criteria": "cpe:2.3:a:emc:avamar_server:7.2.1-32:*:*:*:*:*:*:*", "matchCriteriaId": "CF5A76F8-15A8-4FE5-884E-6A46337B6F5A", "vulnerable": true}, {"criteria": "cpe:2.3:a:emc:avamar_server:7.3.0-226:*:*:*:*:*:*:*", "matchCriteriaId": "D2E105BC-BCB8-481F-B21F-2FB4653CA1C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:emc:avamar_server:7.3.0-233:*:*:*:*:*:*:*", "matchCriteriaId": "133FFE19-9914-4E7E-BDE4-FF04B6554F5B", "vulnerable": true}, {"criteria": "cpe:2.3:a:emc:avamar_server:7.3.1-125:*:*:*:*:*:*:*", "matchCriteriaId": "2DA69C30-4908-4DCD-AC7C-989E81FC7528", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401, an unauthenticated remote attacker may potentially bypass the authentication process to gain access to the system maintenance page. This may be exploited by an attacker to view sensitive information, perform software updates, or run maintenance workflows."}, {"lang": "es", "value": "En EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31 y 7.2.0-401, un atacante remoto no autenticado podr\u00eda omitir el proceso de autenticaci\u00f3n para obtener acceso a la p\u00e1gina de mantenimiento del sistema. Esto podr\u00eda ser explotado por un atacante para ver informaci\u00f3n sensible, realizar actualizaciones de software o llevar a cabo flujos de trabajo de mantenimiento."}], "id": "CVE-2017-4989", "lastModified": "2017-07-07T01:29:03.917", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-06-21T20:29:00.297", "references": [{"source": "security_alert@emc.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/540754/30/0/threaded"}, {"source": "security_alert@emc.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/99243"}, {"source": "security_alert@emc.com", "url": "http://www.securitytracker.com/id/1038718"}], "sourceIdentifier": "security_alert@emc.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}