5 matches found
CVE-2018-1215
An arbitrary file upload vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management eManagement: Dell EMC Unisphere for VMAX Virtual Appliance versions prior to...
Hardcoded credentials
A hard-coded password vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management eManagement: Dell EMC Unisphere for VMAX Virtual Appliance versions prior to...
EMC vApp Manager Default Credentials
The EMC vApp Manager web application running on the remote host uses a default set of credentials 'smc' / 'smc'. An unauthenticated, remote attacker can exploit this issue to authenticate to the application and perform actions allowed by the default account. Specifically, the attacker can login a...
Dell EMC Patches Critical Flaws in VMAX Enterprise Storage Systems
Dell EMC fixed two critical flaws in its management interfaces for its VMAX enterprise storage systems. One of the vulnerabilities could allow a remote attacker to use a hard-coded password to a default account to gain unauthorized access to systems. The company issued updates that address the tw...
Vulnerability of EMC Unisphere for VMAX Virtual Appliance, EMC VMAX Embedded Management, EMC VASA Virtual Appliance, and EMC Solutions Enabler Virtual Appliance systems lies in their lack of access control mechanisms. This vulnerability allows attackers to bypass authentication procedures.
The vulnerabilities of EMC Unisphere for VMAX Virtual Appliance, EMC VMAX Embedded Management, EMC VASA Virtual Appliance, and EMC Solutions Enabler Virtual Appliance are related to deficiencies in access control. Exploiting these vulnerabilities could allow a malicious actor to bypass...