• Solutions
    • Solutions

    • Scan
    • Analyze
    • Score
    • Automate
    • What is on my network?
      Quickly, comprehensively and accurately assess endpoints and servers for operating system and application vulnerabilities.
    • Which assets are at risk, and what should I do about their vulnerabilities?
      Identify which assets are at risk and receive actionable intelligence to reduce workload and increase effectiveness.
    • How do I measure my overall risk and where should I focus remediation efforts?
      Benefit from a clear, easy-to-understand metric to determine your organization’s security posture.
    • How can I integrate Frontline vulnerability findings into my security workflow?
      Easily integrate discovered, analyzed, scored, and prioritized vulnerabilities into leading security workflow management platforms and SIEMs.
    • Test
    • Educate
    • Compliance
    • How do I assess where I’m exposed from an attacker’s perspective?
      Assess your “network attack surface” and your “personnel attack surface”.
    • How do I ensure all personnel are cognizant of risky “digital behavior”?
      Increase the security IQ of employees, contractors, and patrons to effectively defend against a security breach.
    • Am I meeting requisite compliance standards?
      Leverage the expertise of one of the world’s longest tenured PCI Approved Scanning Vendors (ASV) to achieve compliance AND an optimal level of security.
  • Cloud Subscriptions
    • Frontline Cloud Subscriptions

    • Frontline Advanced™
    • Frontline Pro™
    • Frontline PCI Pro™
    • Frontline Pen Test™
    • Frontline Advanced is Digital Defense’s flagship vulnerability management offering. Powerful and effective, the service is delivered in a rich, affordable and easy to consume subscription.
    • Frontline Pro provides the same industry leading solution subscription as Frontline Advanced, but adds a Personal Security Analyst (PSA) to help lift the burden of vulnerability management.
    • Frontline Payment Card Industry-Professional (Frontline PCI-Pro) service guides businesses through the PCI Data Security Standards (DSS) requirements maze with security expertise and personalized recommendations to achieve compliance.
    • Frontline Pen Test offers a conveniently packaged sequence of periodic (and scheduled) pen tests into an annual subscription.
  • Platform
    • Platform

    • Frontline RNA™
    • Frontline VM™
    • Frontline Reconnaissance Network Appliance (RNA) is a preconfigured network based device used to perform network security assessments without requiring onsite staff.
    • Frontline Vulnerability Manager (VM) is the industry’s most comprehensive, accurate, and easy to use VM platform – bar none.
  • Network Security Technologies
    • Technologies

    • DDI NIRV™
    • DDI VRT™
    • DDI DNA™
    • DDI NIRV – the technology core of Frontline RNA™ – works on the principle of real-time event-based tuning. As it learns more about hosts and the network, NIRV adjusts its plugin sets and auditing mechanisms in real time – leading to far more accurate and complete scanning data.
    • While Digital Defense has achieved public acclaim for its superior vulnerability scanning, vulnerability management, and best practice consultative services, we are also actively involved in security threat research.
    • Digital Node Attribution (DNA) is the core technology within Frontline VM that eliminates network drift. As point in time scans from RNA are fed into Frontline Vulnerability Manager™,
  • Professional Services
    • Professional Services

    • Frontline Pen Test Project™
    • Frontline Social Test™
    • SecurED™ Training
    • Understanding and addressing network and host vulnerabilities is, of course, an essential element to strong information security.
    • Social engineering is a popular technique attackers use to gain access to your network and, ultimately, valuable information held by your organization.
    • SecurED, an entertaining awareness training designed to optimize employee retention of serious security intelligence and best practices.
    • TEAM™
    • Consultative Services
    • As your organization grows in size and complexity, determining exposure to information asset risks becomes more challenging, as does your ability to identify threats and implement effective plans to address them.
    • As your organization grows in size and complexity, determining exposure to information asset risks becomes more challenging, as does your ability to identify threats and implement effective plans to address them.
  • Get a Quote

Today Digital Defense is disclosing three vulnerabilities identified on Dell EMC Data Protection Suite Family products discovered by the Digital Defense Vulnerability Research Team (VRT). VRT would like to commend Dell EMC for their prompt handling and diligent attention to the issues and their work with Digital Defense engineering staff to understand, resolve and verify the fixes for these security issues.

Dell EMC Avamar Server, NetWorker Virtual Edition and Integrated Data Protection Appliance contain a common component, Avamar Installation Manager (AVI), which is vulnerable to the disclosed vulnerabilities. Dell EMC has released security fixes to address these vulnerabilities. The security fixes can be obtained through security advisory ESA-2018-001(requires Dell EMC Online Support credentials).

For more details on Dell EMC Vulnerability Response Policy see http://www.emc.com/products/security/product-security-response-center.htm .

Please contact Dell EMC technical support representative for any assistance or further information.

Clients who currently use Digital Defense’s Frontline Vulnerability Manager™ platform can sweep for the presence of this issue by performing a full vulnerability assessment scan.

Details of the vulnerabilities are as follows:

Vendor: Dell EMC

Products :

  • Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4. x, 7.5.0
  • NetWorker Virtual Edition 0.x, 9.1.x, 9.2.x
  • Integrated Data Protection Appliance 2.0

Link: http://www.dellemc.com/en-us/data-protection/data-protection-suite/index.htm



DDI-VRT-2017- 06: Authentication Bypass in SecurityService
DDI-VRT-2017-07: Authenticated Arbitrary File Access in UserInputService
DDI-VRT-2017-08: Authenticated File Upload in UserInputService


While generally not Internet accessible due to the nature of the application, a number of instances were found publicly available.


Vulnerability: Authentication Bypass in SecurityService

CVE ID: CVE-2017-15548

Impact: The authentication bypass can be combined with the other two vulnerabilities to fully compromise the virtual appliance.

Details: User authentication is performed via a POST that includes username, password and wsURL parameters. The wsURL parameter can be an arbitrary URL that the Avamar server will send an authentication SOAP request to including provided username and password. If the Avamar server receives a successful SOAP response it will return a valid session ID. An attacker doesn’t require any specific knowledge about the targeted Avamar server to generate a successful SOAP response, a generic, validly formed SOAP response will work for multiple Avamar servers.

All three vulnerabilities can be combined to fully compromise the virtual appliance by modifying the sshd_config file to allow root login, uploading a new authorized_keys file for root, and a web shell to restart the SSH service. The web shell can also run commands with the same privileges as the “admin” user.


Vulnerability: Authenticated Arbitrary File Access in UserInputService

CVE ID: CVE-2017-15550

Impact: Authenticated users can download arbitrary files with root privileges. This can be combined

with the other two vulnerabilities to fully compromise the virtual appliance.

Details: The getFileContents method of the UserInputService class doesn’t perform any validation of the user supplied filename parameter before retrieving the requested file from the Avamar server. Additionally, the web server runs as root, so any file can be retrieved using this vulnerability.


Vulnerability: Authenticated File Upload in UserInputService

CVE ID: CVE-2017-15549

Impact: Authenticated users can upload arbitrary files to arbitrary locations with root privileges. This can be combined with the other two vulnerabilities to fully compromise the virtual appliance.

Details: The saveFileContents method of the UserInputService class takes a single string parameter and splits it on the “\r” character. The first half of the parameter is a path, including the filename, and the second half of the string is the data that should be written to that path. The web server is running with root privileges, so arbitrary files can be written to arbitrary locations.


Dell, EMC, Dell EMC and other trademarks are trademarks of Dell Inc. or its subsidiaries. Other trademarks may be trademarks of their respective owner