Vulnerability-Lookup

CVE-2018-11066 (GCVE-0-2018-11066)

Vulnerability from cvelistv5 – Published: 2018-11-26 20:00 – Updated: 2024-09-17 03:43

Title

Dell EMC Avamar and Integrated Data Protection Appliance Remote Code Execution Vulnerability

Summary

Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 contain a Remote Code Execution vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to execute arbitrary commands on the server.

Severity ?

No CVSS data available.

CWE

Remote Code Execution Vulnerability

Assigner

dell

References

URL

Tags

	http://www.securityfocus.com/bid/105968	vdb-entryx_refsource_BID
	https://seclists.org/fulldisclosure/2018/Nov/49	mailing-listx_refsource_FULLDISC
	https://www.vmware.com/security/advisories/VMSA-2…	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1042153	vdb-entryx_refsource_SECTRACK

Impacted products

Vendor

Product

Version

Dell EMC

Avamar

Affected: 7.2.0
Affected: 7.2.1
Affected: 7.3.0
Affected: 7.3.1
Affected: 7.4.0
Affected: 7.4.1
Affected: 7.5.0
Affected: 7.5.1
Affected: 18.1

Dell EMC

Integrated Data Protection Appliance

Affected: 2.0
Affected: 2.1
Affected: 2.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T07:54:36.502Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "105968",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105968"
          },
          {
            "name": "20181120 DSA-2018-145: Dell EMC Avamar Multiple Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "https://seclists.org/fulldisclosure/2018/Nov/49"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.vmware.com/security/advisories/VMSA-2018-0029.html"
          },
          {
            "name": "1042153",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1042153"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Avamar",
          "vendor": "Dell EMC",
          "versions": [
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.4.0"
            },
            {
              "status": "affected",
              "version": "7.4.1"
            },
            {
              "status": "affected",
              "version": "7.5.0"
            },
            {
              "status": "affected",
              "version": "7.5.1"
            },
            {
              "status": "affected",
              "version": "18.1"
            }
          ]
        },
        {
          "product": "Integrated Data Protection Appliance",
          "vendor": "Dell EMC",
          "versions": [
            {
              "status": "affected",
              "version": "2.0"
            },
            {
              "status": "affected",
              "version": "2.1"
            },
            {
              "status": "affected",
              "version": "2.2"
            }
          ]
        }
      ],
      "datePublic": "2018-11-20T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 contain a Remote Code Execution vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to execute arbitrary commands on the server."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote Code Execution Vulnerability",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-11-27T16:57:01.000Z",
        "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "shortName": "dell"
      },
      "references": [
        {
          "name": "105968",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105968"
        },
        {
          "name": "20181120 DSA-2018-145: Dell EMC Avamar Multiple Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "https://seclists.org/fulldisclosure/2018/Nov/49"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.vmware.com/security/advisories/VMSA-2018-0029.html"
        },
        {
          "name": "1042153",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1042153"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Dell EMC Avamar and Integrated Data Protection Appliance Remote Code Execution Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security_alert@emc.com",
          "DATE_PUBLIC": "2018-11-20T05:00:00.000Z",
          "ID": "CVE-2018-11066",
          "STATE": "PUBLIC",
          "TITLE": "Dell EMC Avamar and Integrated Data Protection Appliance Remote Code Execution Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Avamar",
                      "version": {
                        "version_data": [
                          {
                            "affected": "=",
                            "version_affected": "=",
                            "version_value": "7.2.0"
                          },
                          {
                            "affected": "=",
                            "version_affected": "=",
                            "version_value": "7.2.1"
                          },
                          {
                            "affected": "=",
                            "version_affected": "=",
                            "version_value": "7.3.0"
                          },
                          {
                            "affected": "=",
                            "version_affected": "=",
                            "version_value": "7.3.1"
                          },
                          {
                            "affected": "=",
                            "version_affected": "=",
                            "version_value": "7.4.0"
                          },
                          {
                            "affected": "=",
                            "version_affected": "=",
                            "version_value": "7.4.1"
                          },
                          {
                            "version_value": "7.5.0"
                          },
                          {
                            "version_value": "7.5.1"
                          },
                          {
                            "version_value": "18.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Integrated Data Protection Appliance",
                      "version": {
                        "version_data": [
                          {
                            "affected": "=",
                            "version_affected": "=",
                            "version_value": "2.0"
                          },
                          {
                            "affected": "=",
                            "version_affected": "=",
                            "version_value": "2.1"
                          },
                          {
                            "affected": "=",
                            "version_affected": "=",
                            "version_value": "2.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Dell EMC"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 contain a Remote Code Execution vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to execute arbitrary commands on the server."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Remote Code Execution Vulnerability"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "105968",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105968"
            },
            {
              "name": "20181120 DSA-2018-145: Dell EMC Avamar Multiple Vulnerabilities",
              "refsource": "FULLDISC",
              "url": "https://seclists.org/fulldisclosure/2018/Nov/49"
            },
            {
              "name": "https://www.vmware.com/security/advisories/VMSA-2018-0029.html",
              "refsource": "CONFIRM",
              "url": "https://www.vmware.com/security/advisories/VMSA-2018-0029.html"
            },
            {
              "name": "1042153",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1042153"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
    "assignerShortName": "dell",
    "cveId": "CVE-2018-11066",
    "datePublished": "2018-11-26T20:00:00.000Z",
    "dateReserved": "2018-05-14T00:00:00.000Z",
    "dateUpdated": "2024-09-17T03:43:20.412Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

GSD-2018-11066

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-11066

Aliases

CVE-2018-11066

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-11066",
    "description": "Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 contain a Remote Code Execution vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to execute arbitrary commands on the server.",
    "id": "GSD-2018-11066"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-11066"
      ],
      "details": "Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 contain a Remote Code Execution vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to execute arbitrary commands on the server.",
      "id": "GSD-2018-11066",
      "modified": "2023-12-13T01:22:42.217234Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security_alert@emc.com",
        "DATE_PUBLIC": "2018-11-20T05:00:00.000Z",
        "ID": "CVE-2018-11066",
        "STATE": "PUBLIC",
        "TITLE": "Dell EMC Avamar and Integrated Data Protection Appliance Remote Code Execution Vulnerability"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Avamar",
                    "version": {
                      "version_data": [
                        {
                          "affected": "=",
                          "version_value": "7.2.0"
                        },
                        {
                          "affected": "=",
                          "version_value": "7.2.1"
                        },
                        {
                          "affected": "=",
                          "version_value": "7.3.0"
                        },
                        {
                          "affected": "=",
                          "version_value": "7.3.1"
                        },
                        {
                          "affected": "=",
                          "version_value": "7.4.0"
                        },
                        {
                          "affected": "=",
                          "version_value": "7.4.1"
                        },
                        {
                          "version_value": "7.5.0"
                        },
                        {
                          "version_value": "7.5.1"
                        },
                        {
                          "version_value": "18.1"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Integrated Data Protection Appliance ",
                    "version": {
                      "version_data": [
                        {
                          "affected": "=",
                          "version_value": "2.0"
                        },
                        {
                          "affected": "=",
                          "version_value": "2.1"
                        },
                        {
                          "affected": "=",
                          "version_value": "2.2"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Dell EMC"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 contain a Remote Code Execution vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to execute arbitrary commands on the server."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Remote Code Execution Vulnerability"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "105968",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/105968"
          },
          {
            "name": "20181120 DSA-2018-145: Dell EMC Avamar Multiple Vulnerabilities",
            "refsource": "FULLDISC",
            "url": "https://seclists.org/fulldisclosure/2018/Nov/49"
          },
          {
            "name": "https://www.vmware.com/security/advisories/VMSA-2018-0029.html",
            "refsource": "CONFIRM",
            "url": "https://www.vmware.com/security/advisories/VMSA-2018-0029.html"
          },
          {
            "name": "1042153",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1042153"
          }
        ]
      },
      "source": {
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:dell:emc_integrated_data_protection_appliance:2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:dell:emc_avamar:7.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:dell:emc_avamar:7.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:dell:emc_avamar:18.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:dell:emc_avamar:7.5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:dell:emc_avamar:7.5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:dell:emc_avamar:7.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:dell:emc_avamar:7.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:dell:emc_integrated_data_protection_appliance:2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:dell:emc_integrated_data_protection_appliance:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:dell:emc_avamar:7.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:dell:emc_avamar:7.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:vmware:vsphere_data_protection:6.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:vsphere_data_protection:6.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:vsphere_data_protection:6.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:vsphere_data_protection:6.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:vsphere_data_protection:6.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:vsphere_data_protection:6.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:vsphere_data_protection:6.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:vsphere_data_protection:6.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:vsphere_data_protection:6.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:vsphere_data_protection:6.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:vsphere_data_protection:6.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:vsphere_data_protection:6.1.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:vsphere_data_protection:6.1.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:vsphere_data_protection:6.1.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:vsphere_data_protection:6.1.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:vsphere_data_protection:6.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:vsphere_data_protection:6.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:vsphere_data_protection:6.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:vsphere_data_protection:6.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@dell.com",
          "ID": "CVE-2018-11066"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 contain a Remote Code Execution vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to execute arbitrary commands on the server."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20181120 DSA-2018-145: Dell EMC Avamar Multiple Vulnerabilities",
              "refsource": "FULLDISC",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://seclists.org/fulldisclosure/2018/Nov/49"
            },
            {
              "name": "1042153",
              "refsource": "SECTRACK",
              "tags": [
                "VDB Entry",
                "Third Party Advisory"
              ],
              "url": "http://www.securitytracker.com/id/1042153"
            },
            {
              "name": "105968",
              "refsource": "BID",
              "tags": [
                "VDB Entry",
                "Third Party Advisory"
              ],
              "url": "http://www.securityfocus.com/bid/105968"
            },
            {
              "name": "https://www.vmware.com/security/advisories/VMSA-2018-0029.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://www.vmware.com/security/advisories/VMSA-2018-0029.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2019-10-03T00:03Z",
      "publishedDate": "2018-11-26T20:29Z"
    }
  }
}

CNVD-2018-23618

Vulnerability from cnvd - Published: 2018-11-21

Title

Dell EMC Avamar远程代码执行漏洞

Description

Dell EMC Avamar是一套用于服务器的完全虚拟化的备份和恢复软件。 Dell EMC Avamar存在远程代码执行漏洞。远程未经身份验证的攻击者可能利用此漏洞在服务器上执行任意命令。

Severity

高

Patch Name

Dell EMC Avamar远程代码执行漏洞的补丁

Patch Description

Dell EMC Avamar是一套用于服务器的完全虚拟化的备份和恢复软件。 Dell EMC Avamar存在远程代码执行漏洞。远程未经身份验证的攻击者可能利用此漏洞在服务器上执行任意命令。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下供应商提供的安全公告获得补丁信息： https://seclists.org/fulldisclosure/2018/Nov/49

Reference

https://seclists.org/fulldisclosure/2018/Nov/49

Impacted products

Name
['Dell EMC Avamar Server 7.3.1', 'Dell EMC Avamar Server 7.4.1', 'Dell EMC Avamar Server 7.5.0', 'Dell EMC Avamar Server 7.2.0', 'Dell EMC Avamar Server 7.2.1', 'Dell EMC Avamar Server 7.3.0', 'Dell EMC Avamar Server 7.4.0', 'Dell EMC Avamar Server 7.5.1', 'Dell EMC Avamar Server 18.1']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-11066"
    }
  },
  "description": "Dell EMC Avamar\u662f\u4e00\u5957\u7528\u4e8e\u670d\u52a1\u5668\u7684\u5b8c\u5168\u865a\u62df\u5316\u7684\u5907\u4efd\u548c\u6062\u590d\u8f6f\u4ef6\u3002\n\nDell EMC Avamar\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u653b\u51fb\u8005\u53ef\u80fd\u5229\u7528\u6b64\u6f0f\u6d1e\u5728\u670d\u52a1\u5668\u4e0a\u6267\u884c\u4efb\u610f\u547d\u4ee4\u3002",
  "discovererName": "Jarrod Farncomb",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://seclists.org/fulldisclosure/2018/Nov/49",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-23618",
  "openTime": "2018-11-21",
  "patchDescription": "Dell EMC Avamar\u662f\u4e00\u5957\u7528\u4e8e\u670d\u52a1\u5668\u7684\u5b8c\u5168\u865a\u62df\u5316\u7684\u5907\u4efd\u548c\u6062\u590d\u8f6f\u4ef6\u3002\r\n\r\nDell EMC Avamar\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u653b\u51fb\u8005\u53ef\u80fd\u5229\u7528\u6b64\u6f0f\u6d1e\u5728\u670d\u52a1\u5668\u4e0a\u6267\u884c\u4efb\u610f\u547d\u4ee4\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Dell EMC Avamar\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Dell EMC Avamar Server 7.3.1",
      "Dell EMC Avamar Server 7.4.1",
      "Dell EMC Avamar Server 7.5.0",
      "Dell EMC Avamar Server 7.2.0",
      "Dell EMC Avamar Server 7.2.1",
      "Dell EMC Avamar Server 7.3.0",
      "Dell EMC Avamar Server 7.4.0",
      "Dell EMC Avamar Server 7.5.1",
      "Dell EMC Avamar Server 18.1"
    ]
  },
  "referenceLink": "https://seclists.org/fulldisclosure/2018/Nov/49",
  "serverity": "\u9ad8",
  "submitTime": "2018-11-21",
  "title": "Dell EMC Avamar\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

CERTFR-2018-AVI-565

Vulnerability from certfr_avis - Published: 2018-11-21 - Updated: 2018-11-21

De multiples vulnérabilités ont été découvertes dans VMware vSphere Data Protection. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un contournement de la politique de sécurité et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	VMware	N/A	vSphere Data Protection (VDP) versions 6.0.x antérieures à 6.0.9
	VMware	N/A	vSphere Data Protection (VDP) versions 6.1.x antérieures à 6.1.10

References

Title

Publication Time

GHSA-M593-G9CM-C9FM

Vulnerability from github – Published: 2022-05-13 01:49 – Updated: 2022-05-13 01:49

Details

Severity ?

9.8 (Critical)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-11066"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-11-26T20:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 contain a Remote Code Execution vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to execute arbitrary commands on the server.",
  "id": "GHSA-m593-g9cm-c9fm",
  "modified": "2022-05-13T01:49:01Z",
  "published": "2022-05-13T01:49:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11066"
    },
    {
      "type": "WEB",
      "url": "https://seclists.org/fulldisclosure/2018/Nov/49"
    },
    {
      "type": "WEB",
      "url": "https://www.vmware.com/security/advisories/VMSA-2018-0029.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/105968"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1042153"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2018-11066

Vulnerability from fkie_nvd - Published: 2018-11-26 20:29 - Updated: 2024-11-21 03:42

Severity ?

9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
security_alert@emc.com	http://www.securityfocus.com/bid/105968	Third Party Advisory, VDB Entry
security_alert@emc.com	http://www.securitytracker.com/id/1042153	Third Party Advisory, VDB Entry
security_alert@emc.com	https://seclists.org/fulldisclosure/2018/Nov/49	Mailing List, Third Party Advisory
security_alert@emc.com	https://www.vmware.com/security/advisories/VMSA-2018-0029.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/105968	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1042153	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://seclists.org/fulldisclosure/2018/Nov/49	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.vmware.com/security/advisories/VMSA-2018-0029.html	Patch, Third Party Advisory

Impacted products

Vendor	Product	Version
dell	emc_avamar	7.2.0
dell	emc_avamar	7.2.1
dell	emc_avamar	7.3.0
dell	emc_avamar	7.3.1
dell	emc_avamar	7.4.0
dell	emc_avamar	7.4.1
dell	emc_avamar	7.5.0
dell	emc_avamar	7.5.1
dell	emc_avamar	18.1
dell	emc_integrated_data_protection_appliance	2.0
dell	emc_integrated_data_protection_appliance	2.1
dell	emc_integrated_data_protection_appliance	2.2
vmware	vsphere_data_protection	6.0.0
vmware	vsphere_data_protection	6.0.1
vmware	vsphere_data_protection	6.0.2
vmware	vsphere_data_protection	6.0.3
vmware	vsphere_data_protection	6.0.4
vmware	vsphere_data_protection	6.0.5
vmware	vsphere_data_protection	6.0.6
vmware	vsphere_data_protection	6.0.7
vmware	vsphere_data_protection	6.0.8
vmware	vsphere_data_protection	6.1.0
vmware	vsphere_data_protection	6.1.1
vmware	vsphere_data_protection	6.1.2
vmware	vsphere_data_protection	6.1.3
vmware	vsphere_data_protection	6.1.4
vmware	vsphere_data_protection	6.1.5
vmware	vsphere_data_protection	6.1.6
vmware	vsphere_data_protection	6.1.7
vmware	vsphere_data_protection	6.1.8
vmware	vsphere_data_protection	6.1.9

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:dell:emc_avamar:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D9FD281-DB86-4D2D-BC19-CE2453709121",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:dell:emc_avamar:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA20E0E8-6812-4416-93AA-E59B693FCFC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:dell:emc_avamar:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "066595A8-C9EC-4ED3-AE76-A778F226B61E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:dell:emc_avamar:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBA338A4-140B-4C5E-9D58-C17163EBE629",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:dell:emc_avamar:7.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "490F94D4-CD84-418F-BCF3-A5FF2F98BEAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:dell:emc_avamar:7.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "81FAAFDD-6A1B-44DE-92CB-B60D24397FED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:dell:emc_avamar:7.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EA6C66A-CD8D-4829-891D-64FF533F3780",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:dell:emc_avamar:7.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B634FEE-123C-413B-8D06-7D9E4AE0995B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:dell:emc_avamar:18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9022A46B-7D49-492A-8DC4-CBA9C2001497",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:dell:emc_integrated_data_protection_appliance:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C4D195D-C047-42E9-9885-0464642EC6EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:dell:emc_integrated_data_protection_appliance:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "76D6282D-ABA7-4972-8E13-2A625F13CF53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:dell:emc_integrated_data_protection_appliance:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "06E2AD30-A9F5-453C-BC38-2A35DD39FA85",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:vsphere_data_protection:6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA48F5F-3B72-427E-9C9A-E5C3EC03A5F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vsphere_data_protection:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AF32F55-AE25-4F52-B043-1C2623344F1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vsphere_data_protection:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8FEBFF6-CEF2-4A8E-BA29-3F383D6DF436",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vsphere_data_protection:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC123DA-FBC3-4075-B4C0-A5295A6965A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vsphere_data_protection:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D8E9053-F846-48A5-93D7-35D0665D4038",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vsphere_data_protection:6.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "561D7F05-3074-44E8-A9C9-11CF1B8FFF49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vsphere_data_protection:6.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF81991D-6B69-4849-86B3-3A35CCB4B4E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vsphere_data_protection:6.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9DE2E06-EAF2-401B-A775-44EF23D17691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vsphere_data_protection:6.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "12DE5F53-7FEC-4EF0-9841-C8493AE25E0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vsphere_data_protection:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D7E39A9-BE37-4848-BAD2-7F97D04F0D7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vsphere_data_protection:6.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A908399-8C17-46B6-B554-77F588C2BF42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vsphere_data_protection:6.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC8AFC55-915D-46AC-80DA-E100F4CFFD64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vsphere_data_protection:6.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2B9A334-69EB-4E88-A446-18A1B0C669B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vsphere_data_protection:6.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D94A218-4CA0-46EA-BA44-24E90037222D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vsphere_data_protection:6.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC527586-5680-4626-95D4-28EF84439DDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vsphere_data_protection:6.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1476A3A-9BD3-4DF5-8290-CC32AFFA122C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vsphere_data_protection:6.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F946694-A52E-46C9-A4C7-663B5EE01138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vsphere_data_protection:6.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D006B093-4DEB-4911-995C-744B3189D46D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vsphere_data_protection:6.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "664DCBF4-0C41-4B68-B983-4E16933BA269",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 contain a Remote Code Execution vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to execute arbitrary commands on the server."
    },
    {
      "lang": "es",
      "value": "Dell EMC Avamar Client Manager, en las versiones 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1 y 18.1 de Dell EMC Avamar Server y las 2.0, 2.1 y 2.2 de Dell EMC Integrated Data Protection Appliance (IDPA) tienen una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo. Un atacante remoto no autenticado podr\u00eda explotar esta vulnerabilidad para ejecutar comandos arbitrarios en el servidor."
    }
  ],
  "id": "CVE-2018-11066",
  "lastModified": "2024-11-21T03:42:36.627",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-11-26T20:29:00.247",
  "references": [
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105968"
    },
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1042153"
    },
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://seclists.org/fulldisclosure/2018/Nov/49"
    },
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.vmware.com/security/advisories/VMSA-2018-0029.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105968"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1042153"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://seclists.org/fulldisclosure/2018/Nov/49"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.vmware.com/security/advisories/VMSA-2018-0029.html"
    }
  ],
  "sourceIdentifier": "security_alert@emc.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-11066 (GCVE-0-2018-11066)

GSD-2018-11066

CNVD-2018-23618

CERTFR-2018-AVI-565

Solution

GHSA-M593-G9CM-C9FM

FKIE_CVE-2018-11066

Tags

Sightings

Nomenclature