Threat Encyclopedia

Dell.EMC.Avamar.Server.LDLS.Privilege.Elevation

description-logoDescription

This indicates an attack attempt to exploit an Elevation of Privileges vulnerability in Dell EMC Avamar and Dell EMC Integrated Data Protection Appliance.
The vulnerability is due to an error when the vulnerable software in development mode handles a maliciously crafted HTTP request. A remote attacker may be able to exploit this to escalate their privileges on vulnerable systems by viewing and modifying the Local Download Service (LDLS) credentials, via a crafted HTTP request.

affected-products-logoAffected Products

Dell EMC Avamar Server 7.3.1
Dell EMC Avamar Server 7.4.1
Dell EMC Avamar Server 7.5.0
Dell EMC Integrated Data Protection Appliance 2.0
Dell EMC Integrated Data Protection Appliance 2.1

Impact

Privilege Escalation: Remote attackers can leverage their privileges on vulnerable systems.

CVE References

CVE-2018-1217

Other References

44441