55 matches found
EMC RecoverPoint Local Information Disclosure Vulnerability
EMC RecoverPoint and EMC RecoverPoint for Virtual Machines VMs are both products of EMC Corporation. The former is a set of disaster recovery and data protection software, and the latter is a disaster recovery solution for VMware environments. An information disclosure vulnerability exists in EMC...
CVE-2016-6648
EMC RecoverPoint versions before 4.4.1.1 and EMC RecoverPoint for Virtual Machines versions before 5.0 are affected by sensitive information disclosure vulnerability as a result of incorrect permissions set on a sensitive system file. A malicious administrator with configuration privileges may...
Command injection
EMC RecoverPoint versions before 4.4.1.1 and EMC RecoverPoint for Virtual Machines versions before 5.0 are affected by multiple command injection vulnerabilities where a malicious administrator with configuration privileges may bypass the user interface and escalate his privileges to root...
Information disclosure
EMC RecoverPoint versions before 4.4.1.1 and EMC RecoverPoint for Virtual Machines versions before 5.0 are affected by sensitive information disclosure vulnerability as a result of incorrect permissions set on a sensitive system file. A malicious administrator with configuration privileges may...
CVE-2016-6648
EMC RecoverPoint versions before 4.4.1.1 and EMC RecoverPoint for Virtual Machines versions before 5.0 are affected by sensitive information disclosure vulnerability as a result of incorrect permissions set on a sensitive system file. A malicious administrator with configuration privileges may...
CVE-2016-6649
EMC RecoverPoint versions before 4.4.1.1 and EMC RecoverPoint for Virtual Machines versions before 5.0 are affected by multiple command injection vulnerabilities where a malicious administrator with configuration privileges may bypass the user interface and escalate his privileges to root...
CVE-2016-6648
EMC RecoverPoint versions before 4.4.1.1 and EMC RecoverPoint for Virtual Machines versions before 5.0 are affected by sensitive information disclosure vulnerability as a result of incorrect permissions set on a sensitive system file. A malicious administrator with configuration privileges may...
ESA-2015-115: EMC RecoverPoint for Virtual Machines (VMs) Restriction Bypass Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-115: EMC RecoverPoint for Virtual Machines VMs Restriction Bypass Vulnerability EMC Identifier: ESA-2015-115 CVE Identifier: CVE-2015-4526 Severity Rating: CVSSv2 Base Score: 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C Affected products: • EMC RecoverPoin...
CVE-2015-4526
EMC RecoverPoint for Virtual Machines VMs 4.2 allows local users to obtain root-shell access by bypassing the Installation Manager Boxmgmt CLI interface...
Design/Logic Flaw
EMC RecoverPoint for Virtual Machines VMs 4.2 allows local users to obtain root-shell access by bypassing the Installation Manager Boxmgmt CLI interface...
CVE-2015-4526
EMC RecoverPoint for Virtual Machines VMs 4.2 allows local users to obtain root-shell access by bypassing the Installation Manager Boxmgmt CLI interface...
ESA-2014-074: EMC RecoverPoint Appliance Security Control Bypass Vulnerability
ESA-2014-074.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-074: EMC RecoverPoint Appliance Security Control Bypass Vulnerability EMC Identifier: ESA-2014-074 CVE Identifier: CVE-2014-2519 Severity Rating: CVSS v2 Base Score: 5.8 AV:N/AC:M/Au:N/C:P/I:N/A:P Affected products: • EMC...
EMC RecoverPoint Appliance restrictions bypass
Access to arbitrary ports is not restricted...
CVE-2014-2519
The default configuration of EMC RecoverPoint Appliance RPA 4.1 before 4.1.0.1 does not enable a firewall, which allows remote attackers to obtain potentially sensitive information about open ports, or cause a denial of service, by sending packets to many ports...
Default configuration
The default configuration of EMC RecoverPoint Appliance RPA 4.1 before 4.1.0.1 does not enable a firewall, which allows remote attackers to obtain potentially sensitive information about open ports, or cause a denial of service, by sending packets to many ports...