136 matches found
CVE-2018-15765
Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains an Information Exposure vulnerability. The log file contents store sensitive data including executed commands to generate authentication tokens which may prove useful to an attacker for crafting malicious authentication token...
Input validation
Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains Improper File Permission Vulnerabilities. The application contains multiple configuration files with world-readable permissions that could allow an authenticated malicious user to utilize the file contents to potentially...
CVE-2018-11079
Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains a Plaintext Password Storage vulnerability. Database credentials are stored in plaintext in a configuration file. An authenticated malicious user with access to the configuration file may obtain the exposed password to gain...
CVE-2018-11080
Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains Improper File Permission Vulnerabilities. The application contains multiple configuration files with world-readable permissions that could allow an authenticated malicious user to utilize the file contents to potentially...
CVE-2018-15765
CVE-2018-15765 affects Dell EMC Secure Remote Services prior to 3.32.00.08. The vulnerability is an Information Exposure in which log files contain sensitive data, including executed commands that generate authentication tokens. This data could help an attacker craft malicious authentication toke...
CVE-2018-11080
Affected product: Dell EMC ESRS (Secure Remote Services) / ESRS Virtual Edition. Vulnerability: Improper file permissions in multiple configuration files that are world-readable, enabling an authenticated attacker to access file contents and potentially elevate privileges. Versions impacted: ESRS...
CVE-2018-15765
Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains an Information Exposure vulnerability. The log file contents store sensitive data including executed commands to generate authentication tokens which may prove useful to an attacker for crafting malicious authentication token...
CVE-2018-11079
CVE-2018-11079 affects Dell EMC Secure Remote Services (ESRS) prior to 3.32.00.08. The vulnerability is plaintext storage of database credentials in a configuration file, allowing an authenticated user with access to that file to obtain the password and gain access to the application database. Se...
Dell EMC ESRS Virtual Edition Information Disclosure Vulnerability
Dell EMC ESRS is a secure storage product from DEll. An information disclosure vulnerability exists in Dell EMC ESRS Virtual Edition, where the contents of log files store sensitive data, including commands executed to generate authentication tokens, which could be useful to an attacker for...
BMW multi models is the exposure of a common security vulnerability, a hacker remote attack-vulnerability warning-the black bar safety net
5 on 22 May, Tencent Cohen Laboratory released a BMW, many different models of 14 common security vulnerabilities, these vulnerabilities can be through physical contact and remote non-contact and other ways triggered, according to its official blog to reveal that at present all the vulnerability...
[SECURITY] Fedora 26 Update: python-jsonrpclib-0.3.1-1.fc26
This project is an implementation of the JSON-RPC v2.0 specification backwards-compatible as a client library, for Python 2.7 and Python 3. This version is a fork of jsonrpclib by Josh Marshall, usable with Pelix remote services...
Subaru car software vulnerability analysis—never a failure of token-vulnerability warning-the black bar safety net
Not long ago, one from California car, information security researcher Aaron Guzman, in Australia, held a computer security conference to introduce a black into the Subaru car of the method. In his own 2017 Subaru WRX STI was found in a surprising number of software vulnerabilities, through these...
EMC Secure Remote Services Detection
This script performs SSH based detection of EMC Secure Remote Services SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
EMC Secure Remote Services Webinterface Detection
This script performs HTTP based detection of EMC Secure Remote Services Webinterface SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if...
CVE-2016-3564
Unspecified vulnerability in the Oracle TopLink component in Oracle Fusion Middleware 12.1.3.0, 12.2.1.0, and 12.2.1.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JPA-RS...
Directory traversal
Directory traversal vulnerability in the API in EMC Secure Remote Services Virtual Edition 3.x before 3.10 allows remote authenticated users to read log files via a crafted parameter...
CVE-2015-6852
CVE-2015-6852 affects EMC Secure Remote Services Virtual Edition 3.x prior to 3.10. The API is vulnerable to a directory traversal issue that allows remote authenticated users to read log files via a crafted parameter. The vulnerability is described in multiple sources (NVD/CNVD) with a CVSS v3 b...
EMC Secure Remote Services Virtual Edition Directory Traversal Vulnerability
EMC Secure Remote Services Virtual Edition ESRS VE is a suite of remote services virtual edition software from EMC Corporation. The software is used to provide a remote connection between EMC customer service and the user's EMC products and solutions. A directory traversal vulnerability exists in...
eWON XSS / CSRF / Session Management / RBAC Issues
eWON sa Industrial router - Multiple Vulnerabilities eWON connects the machine across the Internet Breaking the barrier between industrial applications and IT standards, the mission of eWON is to connect industrial machines securely to the Internet, enabling easy remote access and gathering all...
Weak authentication in EMC Secure Remote Services Virtual Edition Web Portal
------------------------------------------------------------------------ Weak authentication in EMC Secure Remote Services Virtual Edition Web Portal ------------------------------------------------------------------------ Han Sahin, November 2014...