Avamar

19.10

MAJOR_MINOR 3 CVEs

19.1

MAJOR_MINOR 1 CVE

7.3.1, 7.4.1

OTHER 1 CVE

19.4

MAJOR_MINOR 4 CVEs

7.5.0

SEMANTIC 1 CVE

18.2

MAJOR_MINOR 1 CVE

unspecified

OTHER 4 CVEs

18.2, 19.1, 19.2, 19.3, 19.4

OTHER 1 CVE

19.10SP1

OTHER 3 CVEs

7.4.1, 7.5.0, 7.5.1, 18.2

OTHER 1 CVE

19.7

MAJOR_MINOR 3 CVEs

19.8

MAJOR_MINOR 3 CVEs

19.3, 19.4

OTHER 1 CVE

19.9

MAJOR_MINOR 3 CVEs

7.5.1

SEMANTIC 1 CVE

7.4.1

SEMANTIC 1 CVE

CVE-2024-47977

Dell Avamar, version(s) 19.x, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution.

HIGH Dec 10, 2024

CVE-2024-47484

Dell Avamar, version(s) 19.x, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Command execution.

HIGH Dec 10, 2024

CVE-2024-52538

Dell Avamar, version(s) 19.x, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Script injection.

HIGH Dec 10, 2024

CVE-2021-36317

Dell EMC Avamar Server version 19.4 contains a plain-text password storage vulnerability in AvInstaller. A local attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

MEDIUM Dec 21, 2021