CVE-2013-3275

2013-07-1914:36:13

CWE-20

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

Low

EPSS

0.001

Percentile

48.8%

JSON

EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platforms do not properly restrict use of FRAME elements, which makes it easier for remote attackers to obtain sensitive information via a crafted web site, related to “cross frame scripting vulnerabilities.”

Affected configurations

Nvd

Node

emcavamar_serverRange≤6.1

emcavamar_serverMatch4.0

emcavamar_serverMatch4.1

emcavamar_serverMatch5.0

emcavamar_serverMatch6.0

emcavamar_server_virtual_editionRange≤6.1

emcavamar_server_virtual_editionMatch4.0

emcavamar_server_virtual_editionMatch4.1

emcavamar_server_virtual_editionMatch5.0

emcavamar_server_virtual_editionMatch6.0

VendorProductVersionCPE
emcavamar_server*cpe:2.3:a:emc:avamar_server:*:*:*:*:*:*:*:*
emcavamar_server4.0cpe:2.3:a:emc:avamar_server:4.0:*:*:*:*:*:*:*
emcavamar_server4.1cpe:2.3:a:emc:avamar_server:4.1:*:*:*:*:*:*:*
emcavamar_server5.0cpe:2.3:a:emc:avamar_server:5.0:*:*:*:*:*:*:*
emcavamar_server6.0cpe:2.3:a:emc:avamar_server:6.0:*:*:*:*:*:*:*
emcavamar_server_virtual_edition*cpe:2.3:a:emc:avamar_server_virtual_edition:*:*:*:*:*:*:*:*
emcavamar_server_virtual_edition4.0cpe:2.3:a:emc:avamar_server_virtual_edition:4.0:*:*:*:*:*:*:*
emcavamar_server_virtual_edition4.1cpe:2.3:a:emc:avamar_server_virtual_edition:4.1:*:*:*:*:*:*:*
emcavamar_server_virtual_edition5.0cpe:2.3:a:emc:avamar_server_virtual_edition:5.0:*:*:*:*:*:*:*
emcavamar_server_virtual_edition6.0cpe:2.3:a:emc:avamar_server_virtual_edition:6.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
emc	avamar_server	*	cpe:2.3:a:emc:avamar_server::::::::
emc	avamar_server	4.0	cpe:2.3:a:emc:avamar_server:4.0:::::::*
emc	avamar_server	4.1	cpe:2.3:a:emc:avamar_server:4.1:::::::*
emc	avamar_server	5.0	cpe:2.3:a:emc:avamar_server:5.0:::::::*
emc	avamar_server	6.0	cpe:2.3:a:emc:avamar_server:6.0:::::::*
emc	avamar_server_virtual_edition	*	cpe:2.3:a:emc:avamar_server_virtual_edition::::::::
emc	avamar_server_virtual_edition	4.0	cpe:2.3:a:emc:avamar_server_virtual_edition:4.0:::::::*
emc	avamar_server_virtual_edition	4.1	cpe:2.3:a:emc:avamar_server_virtual_edition:4.1:::::::*
emc	avamar_server_virtual_edition	5.0	cpe:2.3:a:emc:avamar_server_virtual_edition:5.0:::::::*
emc	avamar_server_virtual_edition	6.0	cpe:2.3:a:emc:avamar_server_virtual_edition:6.0:::::::*