Lucene search
K

141 matches found

Zero Day Initiative
Zero Day Initiative
added 2017/08/25 12:0 a.m.29 views

EMC Data Protection Advisor RequestHistoryResource orderby SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of EMC Data Protection Advisor. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be easily bypassed. The specific flaw exists within...

6.8CVSS8.6AI score0.02275EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
added 2017/08/25 12:0 a.m.38 views

EMC Data Protection Advisor BaseRestEntityResource orderby SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of EMC Data Protection Advisor. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be easily bypassed. The specific flaw exists within...

6.8CVSS8.6AI score0.02275EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2017/07/13 12:0 a.m.25 views

EMC Data Protection Advisor < 6.4 Multiple Vulnerabilities

According to it's self-reported version number, the EMC Data Protection Advisor running on the remote host is prior to 6.4. It is, therefore, affected by multiple vulnerabilities : - Multiple blind SQL injection vulnerabilities exist due to improper sanitization of user-supplied input before usin...

8.8CVSS7.3AI score0.02585EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2017/07/11 12:0 a.m.26 views

EMC Data Protection Advisor Multiple Vulnerabilities (Jul 2017)

EMC Data Protection Advisor is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8.8CVSS6.8AI score0.02585EPSS
Exploits1References1
CNVD
CNVD
added 2017/07/10 12:0 a.m.3 views

EMC Data Protection 'input' Parameter Directory Traversal Vulnerability

EMC Data Protection Advisor is a data protection management solution from EMC Corporation. The solution supports automated and centralized execution of all such data collection and analysis, as well as obtaining a single comprehensive view of the data protection environment and activities. A...

6.8CVSS6.9AI score0.02585EPSS
Exploits1References1
CNVD
CNVD
added 2017/07/10 12:0 a.m.5 views

EMC Data Protection SQL Injection Vulnerability

EMC Data Protection Advisor is a data protection management solution from EMC Corporation. The solution supports automated and centralized execution of all such data collection and analysis, as well as obtaining a single comprehensive view of the data protection environment and activities. A SQL...

8.8CVSS8.6AI score0.02275EPSS
Exploits1References1
Prion
Prion
added 2017/07/09 8:29 p.m.16 views

Path traversal

EMC Data Protection Advisor prior to 6.4 contains a path traversal vulnerability. A remote authenticated high privileged user may potentially exploit this vulnerability to access unauthorized information from the underlying OS server by supplying specially crafted strings in input parameters of t...

6.8CVSS4.8AI score0.02585EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2017/07/09 8:29 p.m.4 views

CVE-2017-8002

EMC Data Protection Advisor prior to 6.4 contains multiple blind SQL injection vulnerabilities. A remote authenticated attacker may potentially exploit these vulnerabilities to gain information about the application by causing execution of arbitrary SQL commands...

8.8CVSS6AI score0.02275EPSS
Exploits1References3
OSV
OSV
added 2017/07/09 8:29 p.m.5 views

CVE-2017-8003

EMC Data Protection Advisor prior to 6.4 contains a path traversal vulnerability. A remote authenticated high privileged user may potentially exploit this vulnerability to access unauthorized information from the underlying OS server by supplying specially crafted strings in input parameters of t...

4.9CVSS5.8AI score0.02585EPSS
Exploits1References3
Prion
Prion
added 2017/07/09 8:29 p.m.15 views

Sql injection

EMC Data Protection Advisor prior to 6.4 contains multiple blind SQL injection vulnerabilities. A remote authenticated attacker may potentially exploit these vulnerabilities to gain information about the application by causing execution of arbitrary SQL commands...

6.5CVSS9AI score0.02275EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2017/07/09 8:29 p.m.16 views

CVE-2017-8003

EMC Data Protection Advisor prior to 6.4 contains a path traversal vulnerability. A remote authenticated high privileged user may potentially exploit this vulnerability to access unauthorized information from the underlying OS server by supplying specially crafted strings in input parameters of t...

6.8CVSS4.5AI score0.02585EPSS
Exploits1References3
Cvelist
Cvelist
added 2017/07/09 8:0 p.m.26 views

CVE-2017-8002

EMC Data Protection Advisor prior to 6.4 contains multiple blind SQL injection vulnerabilities. A remote authenticated attacker may potentially exploit these vulnerabilities to gain information about the application by causing execution of arbitrary SQL commands...

9.3AI score0.02275EPSS
Exploits1References3
CVE
CVE
added 2017/07/09 8:0 p.m.48 views

CVE-2017-8002

EMC Data Protection Advisor prior to 6.4 is affected by multiple blind SQL injection vulnerabilities (CVE-2017-8002). The authenticated remote attacker could exploit these to cause arbitrary SQL commands and disclose/manipulate data via the backend database. Affected component behavior is tied to...

8.8CVSS9.1AI score0.02275EPSS
Exploits1References3Affected Software1
0day.today
0day.today
added 2017/07/08 12:0 a.m.63 views

EMC Data Protection Advisor SQL Injection / Path Traversal Vulnerabilities

Exploit for windows platform in category web applications EMC Data Protection Advisor Multiple Vulnerabilities CVE Identifier CVE-2017-8002, CVE-2017-8003 Severity: Medium Severity Rating: CVSS Base Score View details below for individual CVSS Score for each CVE Affected products: EMC Data...

6.8CVSS7.1AI score0.02585EPSS
Exploits1
Zero Day Initiative
Zero Day Initiative
added 2017/06/12 12:0 a.m.28 views

EMC Data Protection Advisor ImageServlet Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of EMC Data Protection Advisor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ImageServlet servlet which listens on TCP ports 9002 and 9004...

5CVSS2AI score0.02965EPSS
Exploits0References1
CNVD
CNVD
added 2017/02/06 12:0 a.m.4 views

EMC Data Protection Advisor Catalog Traversal Vulnerability

EMC Data Protection Advisor is a unified data protection management solution. A directory traversal vulnerability exists in EMC Data Protection Advisor, which allows remote attackers to submit a special request to view the contents of system files...

7.5CVSS6.9AI score0.02965EPSS
Exploits0References1
OSV
OSV
added 2017/02/03 7:59 a.m.5 views

CVE-2016-8211

EMC Data Protection Advisor 6.1.x, EMC Data Protection Advisor 6.2, EMC Data Protection Advisor 6.2.1, EMC Data Protection Advisor 6.2.2, EMC Data Protection Advisor 6.2.3 prior to patch 446 has a path traversal vulnerability that may potentially be exploited by malicious users to compromise the...

7.5CVSS5.8AI score0.02965EPSS
Exploits0References3
Prion
Prion
added 2017/02/03 7:59 a.m.10 views

Path traversal

EMC Data Protection Advisor 6.1.x, EMC Data Protection Advisor 6.2, EMC Data Protection Advisor 6.2.1, EMC Data Protection Advisor 6.2.2, EMC Data Protection Advisor 6.2.3 prior to patch 446 has a path traversal vulnerability that may potentially be exploited by malicious users to compromise the...

5CVSS6.9AI score0.02965EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2017/02/03 7:59 a.m.15 views

CVE-2016-8211

EMC Data Protection Advisor 6.1.x, EMC Data Protection Advisor 6.2, EMC Data Protection Advisor 6.2.1, EMC Data Protection Advisor 6.2.2, EMC Data Protection Advisor 6.2.3 prior to patch 446 has a path traversal vulnerability that may potentially be exploited by malicious users to compromise the...

7.5CVSS7.4AI score0.02965EPSS
Exploits0References3
CVE
CVE
added 2017/02/03 7:24 a.m.51 views

CVE-2016-8211

EMC Data Protection Advisor (DPA) is affected by a path traversal vulnerability (CVE-2016-8211) in the ImageServlet component. The issue exists on DPA installations listening on ports 9002 and 9004, caused by improper validation of a user-supplied path before file operations, enabling an unauthen...

7.5CVSS7.3AI score0.02965EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder