cvedb.io
CVE-2017-4989
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2017-06-21T20:29:00.297 · Last modified 2026-06-17T01:19:41.723

Summary

In EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401, an unauthenticated remote attacker may potentially bypass the authentication process to gain access to the system maintenance page. This may be exploited by an attacker to view sensitive information, perform software updates, or run maintenance workflows.

Affected products

emc — avamar_server

Does this affect you?

Add your gear to cvedb and we'll alert you only when emc ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.