发布日期：2021-07-27
更新日期：2021-08-18

受影响系统：

Dell EMC Avamar Server 7.5.1
Dell EMC Avamar Server 7.5.0
Dell EMC Avamar Server 7.4.1
Dell EMC Avamar Server 19.2
Dell EMC Avamar Server 19.1
Dell EMC Avamar Server 18.2
Dell Integrated Data Protection Appliance 2.4.1
Dell Integrated Data Protection Appliance 2.4
Dell Integrated Data Protection Appliance 2.3
Dell Integrated Data Protection Appliance 2.2
Dell Integrated Data Protection Appliance 2.1
Dell Integrated Data Protection Appliance 2.0

描述：

---

CVE(CAN) ID: CVE-2020-5341

Dell EMC Avamar Server是美国戴尔（DELL）公司的一套用于服务器的完全虚拟化的备份和恢复软件。
Dell EMC Avamar Server和Dell EMC Integrated Data Protection Appliance存在不安全数据反序列化漏洞。远程攻击者可通过漏洞发送序列化的有效负载利用该漏洞在系统上执行代码。

<*链接：https://www.dell.com/support/kbdoc/zh-cn/000153699/dsa-2020-057-dell-emc-avamar-server-and-dell-emc-
*>

建议：

---

厂商补丁：

Dell
----
Dell已经为此发布了一个安全公告（DSA-2020-057）以及相应补丁:
DSA-2020-057：DSA-2020-057: Dell EMC Avamar Server and Dell EMC Integrated Data Protection Appliance Deserialization of Untrusted Data Vulnerability
链接：https://www.dell.com/support/kbdoc/zh-cn/000153699/dsa-2020-057-dell-emc-avamar-server-and-dell-emc-

浏览次数：828
严重程度：0（网友投票）