MEDIUM🇬🇧 English

CVE-2018-11067

CVSS 6.1v3.0pub. 2018-11-26upd. 2024-11-21

Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 contain an open redirection vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to redirect application users to arbitrary web URLs by tricking the victim users to click on maliciously crafted links. The vulnerability could be used to conduct phishing attacks that cause users to unknowingly visit malicious sites.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
  • Dell Emc Avamar

    APP
    Dell
    18.17.2.07.2.17.3.07.3.17.4.07.4.17.5.07.5.1
  • Dell Emc Integrated Data Protection Appliance

    APP
    Dell
    2.02.12.2
  • VMware vSphere Data Protection

    APP
    Vmware
    6.0.06.0.16.0.26.0.36.0.46.0.56.0.66.0.76.0.86.1.06.1.16.1.26.1.36.1.46.1.5+ 4 więcej
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Auth Bypass
CWE
Referencje

Powiązane podatności

CVE-2020-29493CRITICAL10.0ten sam produkt

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a SQL Injection Vulnerability in Fitness Analyzer. ...

CVE-2020-29495CRITICAL10.0ten sam produkt

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain an OS Command Injection Vulnerability in Fitness An...

CVE-2018-11066CRITICAL9.8ten sam produkt

Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7....

CVE-2018-1217CRITICAL9.8ten sam produkt

Avamar Installation Manager in Dell EMC Avamar Server 7.3.1, 7.4.1, and 7.5.0, and Dell EMC Integrated Data Pr...

CVE-2017-4914CRITICAL9.8ten sam produkt

VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x contains a deserialization issue. Exploita...