Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Avamar Server

Source -

CNA

CNA CVEs -

3

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
3Vulnerabilities found
CVE-2026-22762
Assigner-Dell
ShareView Details
Assigner-Dell
CVSS Score-6.5||MEDIUM
EPSS-0.04% / 12.12%
||
7 Day CHG~0.00%
Published-17 Feb, 2026 | 19:53
Updated-18 Feb, 2026 | 17:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Avamar Server and Avamar Virtual Edition, versions prior to 19.10 SP1 with CHF338912, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Security. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary file delete.

Action-Not Available
Vendor-Dell Inc.
Product-Avamar Virtual EditionAvamar ServerPowerProtect DP Series Appliance (IDPA)
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-36597
Assigner-Dell
ShareView Details
Assigner-Dell
CVSS Score-4.7||MEDIUM
EPSS-0.03% / 9.53%
||
7 Day CHG~0.00%
Published-17 Feb, 2026 | 19:05
Updated-18 Feb, 2026 | 17:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Avamar, versions prior to 19.12 with patch 338905, contains an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Security. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to information disclosure.

Action-Not Available
Vendor-Dell Inc.
Product-Avamar Virtual EditionAvamar ServerPowerProtect DP Series Appliance (IDPA)
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-21120
Assigner-Dell
ShareView Details
Assigner-Dell
CVSS Score-8.3||HIGH
EPSS-0.06% / 18.39%
||
7 Day CHG~0.00%
Published-04 Aug, 2025 | 18:33
Updated-18 Feb, 2026 | 15:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Avamar, versions prior to 19.10 SP1 with patch 338904, contains a Trusting HTTP Permission Methods on the Server-Side vulnerability in Security. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.

Action-Not Available
Vendor-Dell Inc.
Product-Avamar Virtual EditionAvamar Server
CWE ID-CWE-650
Trusting HTTP Permission Methods on the Server Side