Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2018-11067
HistoryNov 26, 2018 - 8:29 p.m.

CVE-2018-11067

2018-11-2620:29:00
CWE-601
[email protected]
web.nvd.nist.gov
6

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

AI Score

6.2

Confidence

High

EPSS

0.002

Percentile

54.1%

JSON

Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 contain an open redirection vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to redirect application users to arbitrary web URLs by tricking the victim users to click on maliciously crafted links. The vulnerability could be used to conduct phishing attacks that cause users to unknowingly visit malicious sites.

Affected configurations

Nvd
Node
dellemc_avamarMatch7.2.0
OR
dellemc_avamarMatch7.2.1
OR
dellemc_avamarMatch7.3.0
OR
dellemc_avamarMatch7.3.1
OR
dellemc_avamarMatch7.4.0
OR
dellemc_avamarMatch7.4.1
OR
dellemc_avamarMatch7.5.0
OR
dellemc_avamarMatch7.5.1
OR
dellemc_avamarMatch18.1
OR
dellemc_integrated_data_protection_applianceMatch2.0
OR
dellemc_integrated_data_protection_applianceMatch2.1
OR
dellemc_integrated_data_protection_applianceMatch2.2
Node
vmwarevsphere_data_protectionMatch6.0.0
OR
vmwarevsphere_data_protectionMatch6.0.1
OR
vmwarevsphere_data_protectionMatch6.0.2
OR
vmwarevsphere_data_protectionMatch6.0.3
OR
vmwarevsphere_data_protectionMatch6.0.4
OR
vmwarevsphere_data_protectionMatch6.0.5
OR
vmwarevsphere_data_protectionMatch6.0.6
OR
vmwarevsphere_data_protectionMatch6.0.7
OR
vmwarevsphere_data_protectionMatch6.0.8
OR
vmwarevsphere_data_protectionMatch6.1.0
OR
vmwarevsphere_data_protectionMatch6.1.1
OR
vmwarevsphere_data_protectionMatch6.1.2
OR
vmwarevsphere_data_protectionMatch6.1.3
OR
vmwarevsphere_data_protectionMatch6.1.4
OR
vmwarevsphere_data_protectionMatch6.1.5
OR
vmwarevsphere_data_protectionMatch6.1.6
OR
vmwarevsphere_data_protectionMatch6.1.7
OR
vmwarevsphere_data_protectionMatch6.1.8
OR
vmwarevsphere_data_protectionMatch6.1.9
VendorProductVersionCPE
dellemc_avamar7.2.0cpe:2.3:a:dell:emc_avamar:7.2.0:*:*:*:*:*:*:*
dellemc_avamar7.2.1cpe:2.3:a:dell:emc_avamar:7.2.1:*:*:*:*:*:*:*
dellemc_avamar7.3.0cpe:2.3:a:dell:emc_avamar:7.3.0:*:*:*:*:*:*:*
dellemc_avamar7.3.1cpe:2.3:a:dell:emc_avamar:7.3.1:*:*:*:*:*:*:*
dellemc_avamar7.4.0cpe:2.3:a:dell:emc_avamar:7.4.0:*:*:*:*:*:*:*
dellemc_avamar7.4.1cpe:2.3:a:dell:emc_avamar:7.4.1:*:*:*:*:*:*:*
dellemc_avamar7.5.0cpe:2.3:a:dell:emc_avamar:7.5.0:*:*:*:*:*:*:*
dellemc_avamar7.5.1cpe:2.3:a:dell:emc_avamar:7.5.1:*:*:*:*:*:*:*
dellemc_avamar18.1cpe:2.3:a:dell:emc_avamar:18.1:*:*:*:*:*:*:*
dellemc_integrated_data_protection_appliance2.0cpe:2.3:a:dell:emc_integrated_data_protection_appliance:2.0:*:*:*:*:*:*:*
Rows per page:
1-10 of 311

Related

prion 1
cvelist 1
cve 1
nessus 2
vmware 1
prion
prion
Open redirect
2018-11-26 20:29:00
cvelist
cvelist
CVE-2018-11067 Dell EMC Avamar and Integrated Data Protection Appliance Open Redirection Vulnerability
2018-11-26 20:00:00
cve
cve
CVE-2018-11067
2018-11-26 20:29:00
nessus
nessus
EMC Avamar ADS / AVE 7.2.x < 7.2.1 Hotfix HOTFIX 300440 / 7.3.x < 7.3.1 Hotfix 300439 / 7.4.x < 7.4.1 Hotfix 300438 / 7.5.0 < 7.5.0 Hotfix 300441 / 7.5.1 < 7.5.1 Hotfix 300442 / 18.1 < 18.1 Hotfix 300443 Multiple Vulnerabilities (DSA-2018-145)
2018-11-30 00:00:00
VMware vSphere Data Protection 6.0.x < 6.0.9 / 6.1.x < 6.1.10 Multiple Vulnerabilities (VMSA-2018-0029)
2018-11-30 00:00:00
vmware
vmware
vSphere Data Protection (VDP) updates address multiple security issues.
2018-11-20 00:00:00

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

AI Score

6.2

Confidence

High

EPSS

0.002

Percentile

54.1%

JSON
Related for NVD:CVE-2018-11067
prion1cvelist1cve1nessus2vmware1