Dell.EMC.Avamar.Server.LDLS.Privilege.Elevation
Description
This indicates an attack attempt to exploit an Elevation of Privileges vulnerability in Dell EMC Avamar and Dell EMC Integrated Data Protection Appliance.
The vulnerability is due to an error when the vulnerable software in development mode handles a maliciously crafted HTTP request. A remote attacker may be able to exploit this to escalate their privileges on vulnerable systems by viewing and modifying the Local Download Service (LDLS) credentials, via a crafted HTTP request.
Affected Products
Dell EMC Avamar Server 7.3.1
Dell EMC Avamar Server 7.4.1
Dell EMC Avamar Server 7.5.0
Dell EMC Integrated Data Protection Appliance 2.0
Dell EMC Integrated Data Protection Appliance 2.1
Impact
Privilege Escalation: Remote attackers can leverage their privileges on vulnerable systems.
Recommended Actions
Apply the latest patch from the vendor.
https://download.emc.com/downloads/DL87396_Avamar_7.3.1_Hotfix_290316_for_Multiple_Authentication_Bypass_Security_Vulnerabilities.avp?source=OLS
https://download.emc.com/downloads/DL88301_Hotfix_291882:_Dell_EMC_Avamar_7.4.1_and_Integrated_Data_Protection_Appliance_2.0_Installation_Manager_Missing_Access_Control_Vulnerability_(CVE-2018-1217).avp?source=OLS
https://download.emc.com/downloads/DL88307_Hotfix_291881:_Dell_EMC_Avamar_7.5.0_Installation_Manager_Missing_Access_Control_Vulnerability_(CVE-2018-1217).avp?source=OLS
https://download.emc.com/downloads/DL88301_Hotfix_291882:_Dell_EMC_Avamar_7.4.1_and_Integrated_Data_Protection_Appliance_2.0_Installation_Manager_Missing_Access_Control_Vulnerability(CVE-2018-1217).avp?source=OLS
https://download.emc.com/downloads/DL88307_Hotfix_291881:_Dell_EMC_Avamar_7.5.0_Installation_Manager_Missing_Access_Control_Vulnerability_(CVE-2018-1217).avp?source=OLS
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |