Dell.EMC.Avamar.Server.LDLS.Privilege.Elevation

Description

This indicates an attack attempt to exploit an Elevation of Privileges vulnerability in Dell EMC Avamar and Dell EMC Integrated Data Protection Appliance.
The vulnerability is due to an error when the vulnerable software in development mode handles a maliciously crafted HTTP request. A remote attacker may be able to exploit this to escalate their privileges on vulnerable systems by viewing and modifying the Local Download Service (LDLS) credentials, via a crafted HTTP request.

Affected Products

Dell EMC Avamar Server 7.3.1
Dell EMC Avamar Server 7.4.1
Dell EMC Avamar Server 7.5.0
Dell EMC Integrated Data Protection Appliance 2.0
Dell EMC Integrated Data Protection Appliance 2.1

Impact

Privilege Escalation: Remote attackers can leverage their privileges on vulnerable systems.

Recommended Actions

Apply the latest patch from the vendor.
https://download.emc.com/downloads/DL87396_Avamar_7.3.1_Hotfix_290316_for_Multiple_Authentication_Bypass_Security_Vulnerabilities.avp?source=OLS
https://download.emc.com/downloads/DL88301_Hotfix_291882:_Dell_EMC_Avamar_7.4.1_and_Integrated_Data_Protection_Appliance_2.0_Installation_Manager_Missing_Access_Control_Vulnerability_(CVE-2018-1217).avp?source=OLS
https://download.emc.com/downloads/DL88307_Hotfix_291881:_Dell_EMC_Avamar_7.5.0_Installation_Manager_Missing_Access_Control_Vulnerability_(CVE-2018-1217).avp?source=OLS
https://download.emc.com/downloads/DL88301_Hotfix_291882:_Dell_EMC_Avamar_7.4.1_and_Integrated_Data_Protection_Appliance_2.0_Installation_Manager_Missing_Access_Control_Vulnerability(CVE-2018-1217).avp?source=OLS
https://download.emc.com/downloads/DL88307_Hotfix_291881:_Dell_EMC_Avamar_7.5.0_Installation_Manager_Missing_Access_Control_Vulnerability_(CVE-2018-1217).avp?source=OLS

References