CVE-2018-11076 in Dell and VMware Products

CVE-2018-11076 in Dell and VMware Products
Published on November 26, 2018

Dell EMC Avamar and Integrated Data Protection Appliance Information Exposure Vulnerability

Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0 and 7.4.1 and Dell EMC Integrated Data Protection Appliance (IDPA) 2.0 are affected by an information exposure vulnerability. Avamar Java management console's SSL/TLS private key may be leaked in the Avamar Java management client package. The private key could potentially be used by an unauthenticated attacker on the same data-link layer to initiate a MITM attack on management console users.

Products Associated with CVE-2018-11076

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2018-11076 are published in these products:

Affected Versions

Version 7.2.0 is affected.

Version 7.2.1 is affected.

Version 7.3.0 is affected.

Version 7.3.1 is affected.

Version 7.4.0 is affected.

Version 7.4.1 is affected.

Version 2.0 is affected.

Exploit Probability

EPSS

0.39%

Percentile

59.32%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-11076 in Dell and VMware ProductsPublished on November 26, 2018

Products Associated with CVE-2018-11076

Affected Versions

Exploit Probability

CVE-2018-11076 in Dell and VMware Products
Published on November 26, 2018