Lucene search

[email protected]CVE-2016-8211

HistoryFeb 03, 2017 - 7:59 a.m.

CVE-2016-8211

2017-02-0307:59:00

CWE-22

[email protected]

web.nvd.nist.gov

cve-2016-8211

emc

data protection advisor

path traversal

vulnerability

nvd

security

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.3 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.1%

JSON

EMC Data Protection Advisor 6.1.x, EMC Data Protection Advisor 6.2, EMC Data Protection Advisor 6.2.1, EMC Data Protection Advisor 6.2.2, EMC Data Protection Advisor 6.2.3 prior to patch 446 has a path traversal vulnerability that may potentially be exploited by malicious users to compromise the affected system.

Affected configurations

NVD

Node

dellemc_data_protection_advisorMatch6.1

dellemc_data_protection_advisorMatch6.2

dellemc_data_protection_advisorMatch6.2.1

dellemc_data_protection_advisorMatch6.2.2

dellemc_data_protection_advisorMatch6.2.3

CPENameOperatorVersion
dell:emc_data_protection_advisordell emc data protection advisoreq6.1
dell:emc_data_protection_advisordell emc data protection advisoreq6.2
dell:emc_data_protection_advisordell emc data protection advisoreq6.2.1
dell:emc_data_protection_advisordell emc data protection advisoreq6.2.2
dell:emc_data_protection_advisordell emc data protection advisoreq6.2.3

CPE	Name	Operator	Version
dell:emc_data_protection_advisor	dell emc data protection advisor	eq	6.1
dell:emc_data_protection_advisor	dell emc data protection advisor	eq	6.2
dell:emc_data_protection_advisor	dell emc data protection advisor	eq	6.2.1
dell:emc_data_protection_advisor	dell emc data protection advisor	eq	6.2.2
dell:emc_data_protection_advisor	dell emc data protection advisor	eq	6.2.3

CNA Affected

[
  {
    "product": "EMC Data Protection Advisor EMC Data Protection Advisor 6.1.x, EMC Data Protection Advisor 6.2, EMC Data Protection Advisor 6.2.1, EMC Data Protection Advisor 6.2.2, EMC Data Protection Advisor 6.2.3 prior to patch 446",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "EMC Data Protection Advisor EMC Data Protection Advisor 6.1.x, EMC Data Protection Advisor 6.2, EMC Data Protection Advisor 6.2.1, EMC Data Protection Advisor 6.2.2, EMC Data Protection Advisor 6.2.3 prior to patch 446"
      }
    ]
  }
]

References

www.securityfocus.com/archive/1/540067/30/0/threaded

www.securityfocus.com/bid/95833

www.securitytracker.com/id/1037729

Social References

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.3 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.1%

JSON

Related for CVE-2016-8211

prion1 zdi1 openvas1 cvelist1 nvd1