{"containers":{"cna":{"affected":[{"product":"Avamar","vendor":"Dell EMC","versions":[{"status":"affected","version":"7.2.0"},{"status":"affected","version":"7.2.1"},{"status":"affected","version":"7.3.0"},{"status":"affected","version":"7.3.1"},{"status":"affected","version":"7.4.0"},{"status":"affected","version":"7.4.1"},{"status":"affected","version":"7.5.0"},{"status":"affected","version":"7.5.1"},{"status":"affected","version":"18.1"}]},{"product":"Integrated Data Protection Appliance","vendor":"Dell EMC","versions":[{"status":"affected","version":"2.0"},{"status":"affected","version":"2.1"},{"status":"affected","version":"2.2"}]}],"datePublic":"2018-11-20T00:00:00.000Z","descriptions":[{"lang":"en","value":"Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 contain a Remote Code Execution vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to execute arbitrary commands on the server."}],"problemTypes":[{"descriptions":[{"description":"Remote Code Execution Vulnerability","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2018-11-27T16:57:01.000Z","orgId":"c550e75a-17ff-4988-97f0-544cde3820fe","shortName":"dell"},"references":[{"name":"105968","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/105968"},{"name":"20181120 DSA-2018-145: Dell EMC Avamar Multiple Vulnerabilities","tags":["mailing-list","x_refsource_FULLDISC"],"url":"https://seclists.org/fulldisclosure/2018/Nov/49"},{"tags":["x_refsource_CONFIRM"],"url":"https://www.vmware.com/security/advisories/VMSA-2018-0029.html"},{"name":"1042153","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id/1042153"}],"source":{"discovery":"UNKNOWN"},"title":"Dell EMC Avamar and Integrated Data Protection Appliance Remote Code Execution Vulnerability","x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"security_alert@emc.com","DATE_PUBLIC":"2018-11-20T05:00:00.000Z","ID":"CVE-2018-11066","STATE":"PUBLIC","TITLE":"Dell EMC Avamar and Integrated Data Protection Appliance Remote Code Execution Vulnerability"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Avamar","version":{"version_data":[{"affected":"=","version_affected":"=","version_value":"7.2.0"},{"affected":"=","version_affected":"=","version_value":"7.2.1"},{"affected":"=","version_affected":"=","version_value":"7.3.0"},{"affected":"=","version_affected":"=","version_value":"7.3.1"},{"affected":"=","version_affected":"=","version_value":"7.4.0"},{"affected":"=","version_affected":"=","version_value":"7.4.1"},{"version_value":"7.5.0"},{"version_value":"7.5.1"},{"version_value":"18.1"}]}},{"product_name":"Integrated Data Protection Appliance","version":{"version_data":[{"affected":"=","version_affected":"=","version_value":"2.0"},{"affected":"=","version_affected":"=","version_value":"2.1"},{"affected":"=","version_affected":"=","version_value":"2.2"}]}}]},"vendor_name":"Dell EMC"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 contain a Remote Code Execution vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to execute arbitrary commands on the server."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Remote Code Execution Vulnerability"}]}]},"references":{"reference_data":[{"name":"105968","refsource":"BID","url":"http://www.securityfocus.com/bid/105968"},{"name":"20181120 DSA-2018-145: Dell EMC Avamar Multiple Vulnerabilities","refsource":"FULLDISC","url":"https://seclists.org/fulldisclosure/2018/Nov/49"},{"name":"https://www.vmware.com/security/advisories/VMSA-2018-0029.html","refsource":"CONFIRM","url":"https://www.vmware.com/security/advisories/VMSA-2018-0029.html"},{"name":"1042153","refsource":"SECTRACK","url":"http://www.securitytracker.com/id/1042153"}]},"source":{"discovery":"UNKNOWN"}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-05T07:54:36.502Z"},"title":"CVE Program Container","references":[{"name":"105968","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/105968"},{"name":"20181120 DSA-2018-145: Dell EMC Avamar Multiple Vulnerabilities","tags":["mailing-list","x_refsource_FULLDISC","x_transferred"],"url":"https://seclists.org/fulldisclosure/2018/Nov/49"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://www.vmware.com/security/advisories/VMSA-2018-0029.html"},{"name":"1042153","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id/1042153"}]}]},"cveMetadata":{"assignerOrgId":"c550e75a-17ff-4988-97f0-544cde3820fe","assignerShortName":"dell","cveId":"CVE-2018-11066","datePublished":"2018-11-26T20:00:00.000Z","dateReserved":"2018-05-14T00:00:00.000Z","dateUpdated":"2024-09-17T03:43:20.412Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}