CVE-2026-22762

Dell Avamar Server and Avamar Virtual Edition, versions prior to 19.10 SP1 with CHF338912, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Security. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary file delete.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.dell.com/support/kbdoc/en-us/000425796/dsa-2026-053-security-update-for-dell-avamar-server-and-dell-avamar-virtual-edition-improper-limitation-of-a-pathname-to-a-restricted-directory-path-traversal-vulnerability

Configurations

No configuration.

History

18 Feb 2026, 17:51

Type	Values Removed	Values Added
Summary		(es) Dell Avamar Server y Avamar Virtual Edition, versiones anteriores a 19.10 SP1 con CHF338912, contiene una vulnerabilidad de seguridad de limitación inadecuada de un nombre de ruta a un directorio restringido ('Salto de ruta'). Un atacante con muchos privilegios y acceso remoto podría potencialmente explotar esta vulnerabilidad, lo que podría llevar a la eliminación arbitraria de archivos.

17 Feb 2026, 20:22

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-02-17 20:22

Updated : 2026-02-18 17:51

NVD link : CVE-2026-22762

Mitre link : CVE-2026-22762

CVE.ORG link : CVE-2026-22762

JSON object : View

Products Affected

No product.

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

6.5 /10