MidnightBSD

Advisories for avamar_virtual_edition

CVE-2014-4624 MEDIUM

EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) 6.x and 7.0.x through 7.0.2-43 do not require authentication for Java API calls, which allows remote attackers to discover grid MCUser and GSAN passwords via a crafted call.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
avamar_virtual_edition 6.0 *
avamar_virtual_edition 7.0.2-43 *
avamar_virtual_edition 6.0.402 *
avamar_virtual_edition 7.0 *