3 matches found
EMC VMAX VASA Provider Virtual Appliance < 8.4.0 File Upload RCE
The version of EMC VMAX VASA Provider Virtual Appliance running on the remote host is prior to 8.4.0. It is, therefore, affected by a remote code execution vulnerability in the UploadConfigurator servlet due to a failure to restrict file uploads to arbitrary directories. An unauthenticated, remot...
VASA Provider Virtual Appliance 8.3.x Remote Code Execution Exploit
VASA Provider Virtual Appliance versions prior to 8.3.x may potentially be vulnerable to an unauthenticated remote code execution vulnerability. An unauthenticated remote attacker could upload a malicious file to run arbitrary code on the system with root privileges. VASA Provider Virtual Applian...
CVE-2017-4997
The CVE-2017-4997 issue affects EMC VMAX VASA Provider Virtual Appliance (versions 8.3.x and prior). The root cause is an unrestricted UploadConfigurator servlet that allows uploading files, which enables a remote attacker to upload arbitrary code and execute it with root privileges. Public detai...