Vulnerability Description
Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 contain a Remote Code Execution vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to execute arbitrary commands on the server.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Emc Avamar | 7.2.0 |
| Dell | Emc Integrated Data Protection Appliance | 2.0 |
| Vmware | Vsphere Data Protection | 6.0.0 |
References
- http://www.securityfocus.com/bid/105968Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1042153Third Party AdvisoryVDB Entry
- https://seclists.org/fulldisclosure/2018/Nov/49Mailing ListThird Party Advisory
- https://www.vmware.com/security/advisories/VMSA-2018-0029.htmlPatchThird Party Advisory
- http://www.securityfocus.com/bid/105968Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1042153Third Party AdvisoryVDB Entry
- https://seclists.org/fulldisclosure/2018/Nov/49Mailing ListThird Party Advisory
- https://www.vmware.com/security/advisories/VMSA-2018-0029.htmlPatchThird Party Advisory
FAQ
What is CVE-2018-11066?
CVE-2018-11066 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2....
How severe is CVE-2018-11066?
CVE-2018-11066 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2018-11066?
Check the references section above for vendor advisories and patch information. Affected products include: Dell Emc Avamar, Dell Emc Integrated Data Protection Appliance, Vmware Vsphere Data Protection.