N/A

Dell Avamar, versions prior to 19.12 with patch 338905, contains an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Security. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to upload malicious files.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

对路径名的限制不恰当(路径遍历)

Dell Avamar 路径遍历漏洞

Dell Avamar是美国戴尔（Dell）公司的一种专门构建的备份应用装置。用于提供大小方便、统包式、经济实惠、重复数据删除的备份解决方案。 Dell Avamar 19.12之前版本存在路径遍历漏洞，该漏洞源于路径限制不当，可能导致高权限远程攻击者上传恶意文件。

N/A

N/A