CVE-2013-3275

EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platforms do not properly restrict use of FRAME elements, which makes it easier for remote attackers to obtain sensitive information via a crafted web site, related to "cross frame scripting vulnerabilities."
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:emc:avamar_server:*:*:*:*:*:*:*:*
cpe:2.3:a:emc:avamar_server:4.0:*:*:*:*:*:*:*
cpe:2.3:a:emc:avamar_server:4.1:*:*:*:*:*:*:*
cpe:2.3:a:emc:avamar_server:5.0:*:*:*:*:*:*:*
cpe:2.3:a:emc:avamar_server:6.0:*:*:*:*:*:*:*
cpe:2.3:a:emc:avamar_server_virtual_edition:*:*:*:*:*:*:*:*
cpe:2.3:a:emc:avamar_server_virtual_edition:4.0:*:*:*:*:*:*:*
cpe:2.3:a:emc:avamar_server_virtual_edition:4.1:*:*:*:*:*:*:*
cpe:2.3:a:emc:avamar_server_virtual_edition:5.0:*:*:*:*:*:*:*
cpe:2.3:a:emc:avamar_server_virtual_edition:6.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2013-07-19 14:36

Updated : 2024-02-04 18:16


NVD link : CVE-2013-3275

Mitre link : CVE-2013-3275

CVE.ORG link : CVE-2013-3275


JSON object : View

Products Affected

emc

  • avamar_server
  • avamar_server_virtual_edition
CWE
CWE-20

Improper Input Validation