Dell Avamar Trusting HTTP Permission Methods Vulnerability Leading to Information Exposure

Vulnerability

A vulnerability exists in Dell Avamar and Dell Avamar Virtual Edition, specifically in versions prior to 19.12 with patch 338905, and versions 19.10SP1 with patch 338904. This vulnerability involves trusting HTTP permission methods on the server side, which could be exploited by a low-privileged attacker with remote access, potentially leading to unauthorized information exposure.
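The weakness class named above, shown as an added example (not code from Dell Avamar or from this advisory, which does not describe the affected endpoint): a handler that authorizes only state-changing HTTP methods, beside a hardened form that authorizes every request. All routes, roles and values are hypothetical and constructed for illustration.

```python
# Constructed sample policy and data; none of these names come from Avamar.
CAN_READ = {"admin": {"/config/credentials", "/status"}, "operator": {"/status"}}
CAN_WRITE = {"admin": {"/config/credentials"}}
STORE = {"/config/credentials": "backup-svc:constructed-secret", "/status": "ok"}


def handle_trusting(method, path, role):
    """Weak form: the access check runs only for methods assumed to change state."""
    if method in ("POST", "PUT", "DELETE"):
        if path not in CAN_WRITE.get(role, set()):
            return 403, None
        return 200, "updated"
    # GET, HEAD and any unrecognized method are assumed harmless and are
    # served without an authorization decision.
    return 200, STORE.get(path)


# Hardened form: each allowed method maps to an action with its own policy.
METHOD_POLICY = {
    "GET": ("read", CAN_READ),
    "HEAD": ("read", CAN_READ),
    "POST": ("write", CAN_WRITE),
    "PUT": ("write", CAN_WRITE),
    "DELETE": ("write", CAN_WRITE),
}


def handle_hardened(method, path, role):
    """Allow-list the method, then authorize role + resource on every request."""
    entry = METHOD_POLICY.get(method)
    if entry is None:
        return 405, None  # unknown methods are rejected, not treated as reads
    action, policy = entry
    if path not in policy.get(role, set()):
        return 403, None  # denied regardless of how "safe" the method looks
    return (200, STORE.get(path)) if action == "read" else (200, "updated")


if __name__ == "__main__":
    # A low-privileged role reading a sensitive resource with a "safe" method.
    for handler in (handle_trusting, handle_hardened):
        print(handler.__name__, handler("GET", "/config/credentials", "operator"))
```

The same request that the weak handler answers with data is refused by the hardened one, because the decision depends on the role and the resource rather than on the method.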

Impact

Exploitation of this vulnerability could result in unauthorized information exposure.

Remediation

Users can upgrade to Dell Avamar version 19.12 with patch 338905 or later. For versions 19.10, 19.10-SP1, 19.7, 19.8, 19.9, and 19.4, users should upgrade to version 19.10SP1 with patch 338904 or later. Instructions for downloading the updated versions are available in the Avamar Downloads Area.

Added: Aug 4, 2025, 7:32 PM
Updated: Aug 4, 2025, 7:32 PM

Vulnerability Rating

Custom Algorithm

spread: 2.6
impact: 2.5
exploitability: 4.9
remediation: 7.7
relevance: 0.3
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.