var-201804-0748
Vulnerability from variot
Avamar Installation Manager in Dell EMC Avamar Server 7.3.1, 7.4.1, and 7.5.0, and Dell EMC Integrated Data Protection Appliance 2.0 and 2.1, is affected by a missing access control check vulnerability which could potentially allow a remote unauthenticated attacker to read or change the Local Download Service (LDLS) credentials. The LDLS credentials are used to connect to Dell EMC Online Support. If the LDLS configuration was changed to an invalid configuration, then Avamar Installation Manager may not be able to connect to Dell EMC Online Support web site successfully. The remote unauthenticated attacker can also read and use the credentials to login to Dell EMC Online Support, impersonating the AVI service actions using those credentials. Dell EMC Avamar Server Contains vulnerabilities related to certificate and password management.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. An attacker can exploit this issue to bypass authentication mechanism and perform unauthorized actions. This may lead to further attacks. Dell EMC Avamar Server is a suite of fully virtualized backup and recovery software for servers. Avamar Installation Manager is one of the Avamar installation managers.
Refer to KB Article 513978 for instructions on applying the hotfix. Please note that applying the hotfix does not require a reboot or shutdown.
Read and use the information in this Dell EMC Security Advisory to assist in avoiding any situation that might arise from the problems described herein.
For an explanation of Severity Ratings, refer to Dell EMC Knowledgebase solution emc218831. Dell EMC recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability.
Dell EMC recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided "as is" without warranty of any kind. Dell EMC disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event, shall Dell EMC or its suppliers, be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Dell EMC or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQEcBAEBCAAGBQJaxmHGAAoJEHbcu+fsE81ZRtoH/RYsP9wVgHlEUAzJ3ZNgJumu +rXt4amwIW0x8X3bv0DI1ftIrO8sb7TDJ3c234Ax4wR1IZUHQDuIfjf1qqKgpved Zjo/WKSK4goY7ieD4+9ORGZc9nmHsoAHO1U1o77jcf5jkSwrPIFGCXok1efLJBcE YNQgwbd6e7kGpmWkesGMqLpMGQi3TFzxwnbuVsG6iiEU1eFw07LvpV9PONdGMbLO OHVZ6c/Da/FU5dcDWFSFBC+XaI9DJq89mdkyvgLS8NpqfzW0RF0x3kzjEBWfev3k 0J5dSueulLUoDfBOPIrypBvjtzNVhxWvUHcv/j+ozSIhUia9JMWJ8W8rVnR8BHw= =MhV3 -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201804-0748",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "emc integrated data protection appliance",
"scope": "eq",
"trust": 1.9,
"vendor": "dell",
"version": "2.1"
},
{
"model": "emc integrated data protection appliance",
"scope": "eq",
"trust": 1.9,
"vendor": "dell",
"version": "2.0"
},
{
"model": "emc avamar",
"scope": "eq",
"trust": 1.9,
"vendor": "dell",
"version": "7.4.1"
},
{
"model": "emc avamar",
"scope": "eq",
"trust": 1.9,
"vendor": "dell",
"version": "7.3.1"
},
{
"model": "emc avamar",
"scope": "eq",
"trust": 1.6,
"vendor": "dell",
"version": "7.5.0"
},
{
"model": "avamar",
"scope": "eq",
"trust": 0.8,
"vendor": "dell emc old emc",
"version": "7.3.1"
},
{
"model": "avamar",
"scope": "eq",
"trust": 0.8,
"vendor": "dell emc old emc",
"version": "7.4.1"
},
{
"model": "avamar",
"scope": "eq",
"trust": 0.8,
"vendor": "dell emc old emc",
"version": "7.5.0"
},
{
"model": "integrated data protection appliance",
"scope": "eq",
"trust": 0.8,
"vendor": "dell emc old emc",
"version": "2.0"
},
{
"model": "integrated data protection appliance",
"scope": "eq",
"trust": 0.8,
"vendor": "dell emc old emc",
"version": "2.1"
},
{
"model": "emc avamar",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "7.5"
}
],
"sources": [
{
"db": "BID",
"id": "104526"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004081"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-411"
},
{
"db": "NVD",
"id": "CVE-2018-1217"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:emc:avamar",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:emc:integrated_data_protection_appliance",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004081"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Kapil Khot from Qualys Vulnerability Signature/Research Team",
"sources": [
{
"db": "BID",
"id": "104526"
}
],
"trust": 0.3
},
"cve": "CVE-2018-1217",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-1217",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-122102",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-1217",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-1217",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-1217",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201804-411",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-122102",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-122102"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004081"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-411"
},
{
"db": "NVD",
"id": "CVE-2018-1217"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Avamar Installation Manager in Dell EMC Avamar Server 7.3.1, 7.4.1, and 7.5.0, and Dell EMC Integrated Data Protection Appliance 2.0 and 2.1, is affected by a missing access control check vulnerability which could potentially allow a remote unauthenticated attacker to read or change the Local Download Service (LDLS) credentials. The LDLS credentials are used to connect to Dell EMC Online Support. If the LDLS configuration was changed to an invalid configuration, then Avamar Installation Manager may not be able to connect to Dell EMC Online Support web site successfully. The remote unauthenticated attacker can also read and use the credentials to login to Dell EMC Online Support, impersonating the AVI service actions using those credentials. Dell EMC Avamar Server Contains vulnerabilities related to certificate and password management.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. \nAn attacker can exploit this issue to bypass authentication mechanism and perform unauthorized actions. This may lead to further attacks. Dell EMC Avamar Server is a suite of fully virtualized backup and recovery software for servers. Avamar Installation Manager is one of the Avamar installation managers. \n\nRefer to KB Article 513978 for instructions on applying the hotfix. Please note that applying the hotfix does not require a reboot or shutdown. \n\n\nRead and use the information in this Dell EMC Security Advisory to assist in avoiding any situation that might arise from the problems described herein. \n\nFor an explanation of Severity Ratings, refer to Dell EMC Knowledgebase solution emc218831. Dell EMC recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability. \n\nDell EMC recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided \"as is\" without warranty of any kind. Dell EMC disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event, shall Dell EMC or its suppliers, be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Dell EMC or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v2\n\niQEcBAEBCAAGBQJaxmHGAAoJEHbcu+fsE81ZRtoH/RYsP9wVgHlEUAzJ3ZNgJumu\n+rXt4amwIW0x8X3bv0DI1ftIrO8sb7TDJ3c234Ax4wR1IZUHQDuIfjf1qqKgpved\nZjo/WKSK4goY7ieD4+9ORGZc9nmHsoAHO1U1o77jcf5jkSwrPIFGCXok1efLJBcE\nYNQgwbd6e7kGpmWkesGMqLpMGQi3TFzxwnbuVsG6iiEU1eFw07LvpV9PONdGMbLO\nOHVZ6c/Da/FU5dcDWFSFBC+XaI9DJq89mdkyvgLS8NpqfzW0RF0x3kzjEBWfev3k\n0J5dSueulLUoDfBOPIrypBvjtzNVhxWvUHcv/j+ozSIhUia9JMWJ8W8rVnR8BHw=\n=MhV3\n-----END PGP SIGNATURE-----\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-1217"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004081"
},
{
"db": "BID",
"id": "104526"
},
{
"db": "VULHUB",
"id": "VHN-122102"
},
{
"db": "PACKETSTORM",
"id": "147080"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-122102",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-122102"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-1217",
"trust": 2.9
},
{
"db": "EXPLOIT-DB",
"id": "44441",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1040641",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004081",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201804-411",
"trust": 0.7
},
{
"db": "BID",
"id": "104526",
"trust": 0.4
},
{
"db": "PACKETSTORM",
"id": "147080",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "147140",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-122102",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-122102"
},
{
"db": "BID",
"id": "104526"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004081"
},
{
"db": "PACKETSTORM",
"id": "147080"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-411"
},
{
"db": "NVD",
"id": "CVE-2018-1217"
}
]
},
"id": "VAR-201804-0748",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-122102"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T23:02:10.747000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Avamar",
"trust": 0.8,
"url": "https://japan.emc.com/data-protection/avamar.htm"
},
{
"title": "Integrated Data Protection Appliance",
"trust": 0.8,
"url": "https://www.dellemc.com/ja-jp/data-protection/integrated-data-protection-appliance.htm#collapse"
},
{
"title": "Dell EMC Avamar Server and EMC Integrated Data Protection Appliance Avamar Installation Manager Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=83212"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004081"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-411"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-862",
"trust": 1.1
},
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-255",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-122102"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004081"
},
{
"db": "NVD",
"id": "CVE-2018-1217"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://seclists.org/fulldisclosure/2018/apr/14"
},
{
"trust": 2.0,
"url": "https://www.exploit-db.com/exploits/44441/"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1040641"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1217"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-1217"
},
{
"trust": 0.3,
"url": "http://dell.com"
},
{
"trust": 0.1,
"url": "https://download.emc.com/downloads/dl88307_hotfix_291881:_dell_emc_avamar_7.5.0_installation_manager_missing_access_control_vulnerability_(cve-2018-1217).avp?source=ols"
},
{
"trust": 0.1,
"url": "https://download.emc.com/downloads/dl87396_avamar_7.3.1_hotfix_290316_for_multiple_authentication_bypass_security_vulnerabilities.avp?source=ols"
},
{
"trust": 0.1,
"url": "https://download.emc.com/downloads/dl88301_hotfix_291882:_dell_emc_avamar_7.4.1_and_integrated_data_protection_appliance_2.0_installation_manager_missing_access_control_vulnerability_(cve-2018-1217).avp?source=ols"
},
{
"trust": 0.1,
"url": "https://download.emc.com/downloads/dl88301_hotfix_291882:_dell_emc_avamar_7.4.1_and_integrated_data_protection_appliance_2.0_installation_manager_missing_access_control_vulnerability(cve-2018-1217).avp?source=ols"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-122102"
},
{
"db": "BID",
"id": "104526"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004081"
},
{
"db": "PACKETSTORM",
"id": "147080"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-411"
},
{
"db": "NVD",
"id": "CVE-2018-1217"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-122102"
},
{
"db": "BID",
"id": "104526"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004081"
},
{
"db": "PACKETSTORM",
"id": "147080"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-411"
},
{
"db": "NVD",
"id": "CVE-2018-1217"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-09T00:00:00",
"db": "VULHUB",
"id": "VHN-122102"
},
{
"date": "2018-04-05T00:00:00",
"db": "BID",
"id": "104526"
},
{
"date": "2018-06-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-004081"
},
{
"date": "2018-04-06T19:32:22",
"db": "PACKETSTORM",
"id": "147080"
},
{
"date": "2018-04-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-411"
},
{
"date": "2018-04-09T20:29:00.277000",
"db": "NVD",
"id": "CVE-2018-1217"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-122102"
},
{
"date": "2018-04-05T00:00:00",
"db": "BID",
"id": "104526"
},
{
"date": "2018-06-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-004081"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-411"
},
{
"date": "2024-11-21T03:59:24.620000",
"db": "NVD",
"id": "CVE-2018-1217"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-411"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dell EMC Avamar Server Vulnerabilities related to certificate and password management",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004081"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-411"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…