141 matches found
EMC Data Protection Advisor RequestHistoryResource orderby SQL Injection Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of EMC Data Protection Advisor. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be easily bypassed. The specific flaw exists within...
EMC Data Protection Advisor BaseRestEntityResource orderby SQL Injection Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of EMC Data Protection Advisor. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be easily bypassed. The specific flaw exists within...
EMC Data Protection Advisor < 6.4 Multiple Vulnerabilities
According to it's self-reported version number, the EMC Data Protection Advisor running on the remote host is prior to 6.4. It is, therefore, affected by multiple vulnerabilities : - Multiple blind SQL injection vulnerabilities exist due to improper sanitization of user-supplied input before usin...
EMC Data Protection Advisor Multiple Vulnerabilities (Jul 2017)
EMC Data Protection Advisor is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
EMC Data Protection 'input' Parameter Directory Traversal Vulnerability
EMC Data Protection Advisor is a data protection management solution from EMC Corporation. The solution supports automated and centralized execution of all such data collection and analysis, as well as obtaining a single comprehensive view of the data protection environment and activities. A...
EMC Data Protection SQL Injection Vulnerability
EMC Data Protection Advisor is a data protection management solution from EMC Corporation. The solution supports automated and centralized execution of all such data collection and analysis, as well as obtaining a single comprehensive view of the data protection environment and activities. A SQL...
Path traversal
EMC Data Protection Advisor prior to 6.4 contains a path traversal vulnerability. A remote authenticated high privileged user may potentially exploit this vulnerability to access unauthorized information from the underlying OS server by supplying specially crafted strings in input parameters of t...
CVE-2017-8002
EMC Data Protection Advisor prior to 6.4 contains multiple blind SQL injection vulnerabilities. A remote authenticated attacker may potentially exploit these vulnerabilities to gain information about the application by causing execution of arbitrary SQL commands...
CVE-2017-8003
EMC Data Protection Advisor prior to 6.4 contains a path traversal vulnerability. A remote authenticated high privileged user may potentially exploit this vulnerability to access unauthorized information from the underlying OS server by supplying specially crafted strings in input parameters of t...
Sql injection
EMC Data Protection Advisor prior to 6.4 contains multiple blind SQL injection vulnerabilities. A remote authenticated attacker may potentially exploit these vulnerabilities to gain information about the application by causing execution of arbitrary SQL commands...
CVE-2017-8003
EMC Data Protection Advisor prior to 6.4 contains a path traversal vulnerability. A remote authenticated high privileged user may potentially exploit this vulnerability to access unauthorized information from the underlying OS server by supplying specially crafted strings in input parameters of t...
CVE-2017-8002
EMC Data Protection Advisor prior to 6.4 contains multiple blind SQL injection vulnerabilities. A remote authenticated attacker may potentially exploit these vulnerabilities to gain information about the application by causing execution of arbitrary SQL commands...
CVE-2017-8002
EMC Data Protection Advisor prior to 6.4 is affected by multiple blind SQL injection vulnerabilities (CVE-2017-8002). The authenticated remote attacker could exploit these to cause arbitrary SQL commands and disclose/manipulate data via the backend database. Affected component behavior is tied to...
EMC Data Protection Advisor SQL Injection / Path Traversal Vulnerabilities
Exploit for windows platform in category web applications EMC Data Protection Advisor Multiple Vulnerabilities CVE Identifier CVE-2017-8002, CVE-2017-8003 Severity: Medium Severity Rating: CVSS Base Score View details below for individual CVSS Score for each CVE Affected products: EMC Data...
EMC Data Protection Advisor ImageServlet Directory Traversal Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of EMC Data Protection Advisor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ImageServlet servlet which listens on TCP ports 9002 and 9004...
EMC Data Protection Advisor Catalog Traversal Vulnerability
EMC Data Protection Advisor is a unified data protection management solution. A directory traversal vulnerability exists in EMC Data Protection Advisor, which allows remote attackers to submit a special request to view the contents of system files...
CVE-2016-8211
EMC Data Protection Advisor 6.1.x, EMC Data Protection Advisor 6.2, EMC Data Protection Advisor 6.2.1, EMC Data Protection Advisor 6.2.2, EMC Data Protection Advisor 6.2.3 prior to patch 446 has a path traversal vulnerability that may potentially be exploited by malicious users to compromise the...
Path traversal
EMC Data Protection Advisor 6.1.x, EMC Data Protection Advisor 6.2, EMC Data Protection Advisor 6.2.1, EMC Data Protection Advisor 6.2.2, EMC Data Protection Advisor 6.2.3 prior to patch 446 has a path traversal vulnerability that may potentially be exploited by malicious users to compromise the...
CVE-2016-8211
EMC Data Protection Advisor 6.1.x, EMC Data Protection Advisor 6.2, EMC Data Protection Advisor 6.2.1, EMC Data Protection Advisor 6.2.2, EMC Data Protection Advisor 6.2.3 prior to patch 446 has a path traversal vulnerability that may potentially be exploited by malicious users to compromise the...
CVE-2016-8211
EMC Data Protection Advisor (DPA) is affected by a path traversal vulnerability (CVE-2016-8211) in the ImageServlet component. The issue exists on DPA installations listening on ports 9002 and 9004, caused by improper validation of a user-supplied path before file operations, enabling an unauthen...