Researchers have discovered several vulnerabilities in Dell EMC’s data protection products that would allow an attacker to gain full control of the system. Fortunately, a fix is available now for download.
The vulnerabilities, three in all, were disclosed on Jan. 4 by the security technology and services firm Digital Defense. They effect Dell EMC’s Avamar Server, NetWorker Virtual Edition, and Integrated Data Protection Appliance, which use a common component called Avamar Installation Manager. This is the problematic app.
In addition to this, a related problem in the VMware vSphere Data Protection backup product has also been uncovered, but it has already been patched.
Source: NW Security 1