Lucene search

[email protected]CVE-2015-0545

HistoryJun 29, 2015 - 10:59 a.m.

CVE-2015-0545

2015-06-2910:59:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

emc

unisphere

vmax

8.x

8.0.3.4

cve-2015-0545

jdwp

remote code execution

7.9 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.018 Low

EPSS

Percentile

88.1%

JSON

EMC Unisphere for VMAX 8.x before 8.0.3.4 sets up the Java Debugging Wire Protocol (JDWP) service, which allows remote attackers to execute arbitrary code via unspecified vectors.

CPENameOperatorVersion
emc:unisphereemc unisphereeq8.0.2
emc:unisphereemc unisphereeq8.0.3
emc:unisphereemc unisphereeq8.0.0
emc:unisphereemc unisphereeq8.0.1

CPE	Name	Operator	Version
emc:unisphere	emc unisphere	eq	8.0.2
emc:unisphere	emc unisphere	eq	8.0.3
emc:unisphere	emc unisphere	eq	8.0.0
emc:unisphere	emc unisphere	eq	8.0.1

References

seclists.org/bugtraq/2015/Jun/129

www.securitytracker.com/id/1032732

7.9 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.018 Low

EPSS

Percentile

88.1%

JSON

Related for CVE-2015-0545

prion1 securityvulns2