The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

vulnerability announce CVE-2013-0944

EMC Avamar: file reading via File Restore

Synthesis of the vulnerability

An attacker can manipulate the url of the file restore web interface of EMC Avamar, in order to read a file.
Impacted products: Avamar.
Severity: 2/4.
Creation date: 03/05/2013.
Identifiers: BID-59619, CERTA-2013-AVI-288, CVE-2013-0944, ESA-2013-034, VIGILANCE-VUL-12752.

Description of the vulnerability

An attacker can manipulate the url of the file restore web interface of EMC Avamar, in order to read a file.

Technical details are unknown.
Complete Vigil@nce bulletin.... (free trial)

Computer vulnerabilities tracking service

Vigil@nce provides a software vulnerabilities watch. The Vigil@nce vulnerability database contains several thousand vulnerabilities. The technology watch team tracks security threats targeting the computer system. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications.