Severity Rating (CVSS Base Score)
DELL EMC Avamar Data Migration Enabler (ADMe) Web UI requires security updates to address a local file include (LFI) vulnerability.
Dell EMC Avamar ADMe Web Interface is affected by an LFI vulnerability which may allow a malicious user to download arbitrary files from the affected system by sending a specially crafted request to the Web Interface application.
DELL EMC Avamar ADMe Web UI © 1.0.50 and 1.0.51
The following Dell EMC Avamar ADMe Web UI hotfix is to address this vulnerability for the affected versions:
EMC Avamar ADMe Web UI 1.0.50 and 1.0.51 – HOTFIX 310397
If you have any questions, contact Dell EMC Support.
Dell EMC would like to thank Ken Pyle from DFDR Consulting for reporting this vulnerability.