Researchers have discovered three vulnerabilities in the Dell EMC Data Protection family of products. These vulnerabilities could be used by attackers to bypass security and gain complete control of a system.
Dell EMC’s Avamar Server, NetWorker Virtual Edition, and the Integrated Data Protection Appliance all contain a standard component – the Avamar Installation Manager which has been found to be vulnerable by the security services firm, Digital Defense. The main flaw in the system allows an attacker to remotely access the server and force it to grant administrative rights. By exploiting the vulnerability, this would allow an attacker would be able to obtain information contained within the appliance such as database fields and saved server data. The other vulnerabilities allows for an authenticated user to download, upload and make changes to the files in the root directory. When combined with administrative privileges, these vulnerabilities could easily compromise the entire security appliance.
Dell has been quick to acknowledge the vulnerabilities and has used the findings from the researchers at Digital Defense to verify the threat and to check for other impacted devices. In a statement delivered to CRN on Friday, Dell had this to say:
“With software vulnerabilities a fact of life in the technology industry, Dell EMC follows best practices in managing and responding to security vulnerabilities in our products. Our goal is to provide customers with timely information, guidance, and mitigation to address threats from vulnerabilities.”
Dell EMC clients should receive a direct notice from Dell addressing the matter but further information on the security fix can be obtained through the security advisory ESA-2018-001(requires Dell EMC Online Support credentials).