cnvd-2019-36947
Vulnerability from cnvd
Title: Dell EMC Avamar Server和EMC Integrated Data Protection Appliance代码问题漏洞
Description:
Dell EMC Integrated Data Protection Appliance和Dell EMC Avamar Server都是美国戴尔(Dell)公司的产品。Dell EMC Integrated Data Protection Appliance是一套基于磁盘的备份和恢复解决方案。Dell EMC Avamar Server是一套用于服务器的完全虚拟化的备份和恢复软件。
Dell EMC Avamar Server和EMC Integrated Data Protection Appliance (IDPA)中存在代码问题漏洞。该漏洞源于网络系统或产品的代码开发过程中存在设计或实现不当的问题。目前没有详细的漏洞细节提供。
Severity: 高
Formal description:
目前厂商暂未发布修复措施解决此安全问题,建议使用此软件的用户随时关注厂商主页或参考网址以获取解决办法: https://www.dellemc.com/
Reference: https://vigilance.fr/vulnerability/Dell-EMC-Avamar-external-XML-entity-injection-30601
Impacted products
| Name | ['Dell EMC Avamar Server 7.4.1', 'Dell EMC Avamar Server 7.5.0', 'Dell EMC Integrated Data Protection Appliance 2.0', 'Dell EMC Integrated Data Protection Appliance 2.1', 'Dell EMC Avamar Server 7.5.1', 'Dell EMC Integrated Data Protection Appliance 2.2', 'Dell EMC Integrated Data Protection Appliance 2.3', 'Dell EMC Integrated Data Protection Appliance 2.4', 'Dell EMC Avamar Server 18.2', 'Dell EMC Avamar Server 19.1'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2019-3752"
}
},
"description": "Dell EMC Integrated Data Protection Appliance\u548cDell EMC Avamar Server\u90fd\u662f\u7f8e\u56fd\u6234\u5c14\uff08Dell\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Dell EMC Integrated Data Protection Appliance\u662f\u4e00\u5957\u57fa\u4e8e\u78c1\u76d8\u7684\u5907\u4efd\u548c\u6062\u590d\u89e3\u51b3\u65b9\u6848\u3002Dell EMC Avamar Server\u662f\u4e00\u5957\u7528\u4e8e\u670d\u52a1\u5668\u7684\u5b8c\u5168\u865a\u62df\u5316\u7684\u5907\u4efd\u548c\u6062\u590d\u8f6f\u4ef6\u3002\n\nDell EMC Avamar Server\u548cEMC Integrated Data Protection Appliance (IDPA)\u4e2d\u5b58\u5728\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u7684\u4ee3\u7801\u5f00\u53d1\u8fc7\u7a0b\u4e2d\u5b58\u5728\u8bbe\u8ba1\u6216\u5b9e\u73b0\u4e0d\u5f53\u7684\u95ee\u9898\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002",
"formalWay": "\u76ee\u524d\u5382\u5546\u6682\u672a\u53d1\u5e03\u4fee\u590d\u63aa\u65bd\u89e3\u51b3\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u5efa\u8bae\u4f7f\u7528\u6b64\u8f6f\u4ef6\u7684\u7528\u6237\u968f\u65f6\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u6216\u53c2\u8003\u7f51\u5740\u4ee5\u83b7\u53d6\u89e3\u51b3\u529e\u6cd5\uff1a\r\nhttps://www.dellemc.com/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2019-36947",
"openTime": "2019-10-24",
"products": {
"product": [
"Dell EMC Avamar Server 7.4.1",
"Dell EMC Avamar Server 7.5.0",
"Dell EMC Integrated Data Protection Appliance 2.0",
"Dell EMC Integrated Data Protection Appliance 2.1",
"Dell EMC Avamar Server 7.5.1",
"Dell EMC Integrated Data Protection Appliance 2.2",
"Dell EMC Integrated Data Protection Appliance 2.3",
"Dell EMC Integrated Data Protection Appliance 2.4",
"Dell EMC Avamar Server 18.2",
"Dell EMC Avamar Server 19.1"
]
},
"referenceLink": "https://vigilance.fr/vulnerability/Dell-EMC-Avamar-external-XML-entity-injection-30601",
"serverity": "\u9ad8",
"submitTime": "2019-10-15",
"title": "Dell EMC Avamar Server\u548cEMC Integrated Data Protection Appliance\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…