Vulnerabilities > EMC > Avamar Server > 7.3.0.226

DATE CVE VULNERABILITY TITLE RISK
2017-06-21 CVE-2017-4990 Unrestricted Upload of File with Dangerous Type vulnerability in EMC Avamar Server
In EMC Avamar Server Software 7.4.1-58, 7.4.0-242, 7.3.1-125, 7.3.0-233, 7.3.0-226, an unauthorized attacker may leverage the file upload feature of the system maintenance page to load a maliciously crafted file to any directory which could allow the attacker to execute arbitrary code on the Avamar Server system.
network
low complexity
emc CWE-434
critical
 9.8
9.8
2017-06-21 CVE-2017-4989 Improper Authentication vulnerability in EMC Avamar Server
In EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401, an unauthenticated remote attacker may potentially bypass the authentication process to gain access to the system maintenance page.
network
low complexity
emc CWE-287
critical
 9.8
9.8