Lucene search
K

21 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2012-2278

Malware in sbrugna...

6.8CVSS6.4AI score0.01398EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-0676

Malware in sbrugna...

4.7CVSS6.4AI score0.00317EPSS
Exploits1References4
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

EMC Cloud Tiering Appliance v10.0 Unauthenticated XXE Arbitrary File Read

No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register import re class TestPOCPOCBase: vulID = '85903' ssvid version = '1.0' author = 'kikay' vulDate = '2014-04-16' createDate ...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2014/05/04 12:0 a.m.63 views

ESA-2014-028: EMC Cloud Tiering Appliance XML External Entity (XXE) and Information Disclosure Vulnerabilities

ESA-2014-028.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-028: EMC Cloud Tiering Appliance XML External Entity XXE and Information Disclosure Vulnerabilities EMC Identifier: ESA-2014-028 CVE Identifier: CVE-2014-0644, CVE-2014-0645 Severity Rating: CVSS v2 Base Score: See below for...

7.8CVSS2AI score0.53342EPSS
Exploits3
seebug.org
seebug.org
added 2014/04/21 12:0 a.m.26 views

EMC Cloud Tiering Appliance (CTA)本地信息泄漏漏洞

Bugtraq ID:66937 CVE ID:CVE-2014-0645 EMC Cloud Tiering Appliance能够协助存储管理人员有效简单的管理以档案为单位的非结构性数据。 EMC Cloud Tiering Appliance把root, super, admin内置账户的默认密码使用DES加密算法存储,允许攻击者利用漏洞可恢复这些密码。 0 EMC Cloud Tiering Appliance CTA 10 EMC Cloud Tiering Appliance CTA 10 SP1 EMC Cloud Tiering Appliance CTA 9.x EMC...

4.7CVSS6.6AI score0.00317EPSS
Exploits1
NVD
NVD
added 2014/04/17 1:55 a.m.14 views

CVE-2014-0645

EMC Cloud Tiering Appliance CTA 9.x through 10 SP1 and File Management Appliance FMA 7.x store DES password hashes for the root, super, and admin accounts, which makes it easier for context-dependent attackers to obtain sensitive information via a brute-force attack...

4.7CVSS6.1AI score0.00317EPSS
Exploits1References3
NVD
NVD
added 2014/04/17 1:55 a.m.20 views

CVE-2014-0644

EMC Cloud Tiering Appliance CTA 10 through SP1 allows remote attackers to read arbitrary files via an api/login request containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue, as demonstrated by reading the /etc/shadow fi...

7.8CVSS6.6AI score0.53342EPSS
Exploits2References3
Prion
Prion
added 2014/04/17 1:55 a.m.13 views

Xxe

EMC Cloud Tiering Appliance CTA 10 through SP1 allows remote attackers to read arbitrary files via an api/login request containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue, as demonstrated by reading the /etc/shadow fi...

7.8CVSS7.2AI score0.53342EPSS
Exploits2References3Affected Software1
Cvelist
Cvelist
added 2014/04/17 1:0 a.m.27 views

CVE-2014-0644

EMC Cloud Tiering Appliance CTA 10 through SP1 allows remote attackers to read arbitrary files via an api/login request containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue, as demonstrated by reading the /etc/shadow fi...

6.6AI score0.53342EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2014/04/07 12:0 a.m.12 views

EMC Cloud Tiering Appliance Web Interface Detection

Binary data emcctadetect.nbin...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/04/07 12:0 a.m.44 views

EMC Cloud Tiering Appliance User Interface Default Credentials

The remote EMC Cloud Tiering Appliance user interface uses a known set of default credentials. Knowing these, an attacker with access to the service can gain administrative access to the device. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

5.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/04/07 12:0 a.m.410 views

Default Password (rain) for 'root' Account

The account 'root' on the remote host has the password 'rain'. An attacker may leverage this to gain access, likely as an administrator, to the affected system. Note that EMC Cloud Tiering Appliance is known to use these credentials by default. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

7.5CVSS8.2AI score0.53618EPSS
Exploits41References1
seebug.org
seebug.org
added 2014/04/04 12:0 a.m.22 views

EMC Cloud Tiering Appliance (CTA) XML外部实体注入漏洞

Bugtraq ID:66547 EMC Cloud Tiering Appliance能够协助存储管理人员有效简单的管理以档案为单位的非结构性数据。 EMC Cloud Tiering Appliance在解析XML数据时存在输入验证漏洞可导致XML注入漏洞,允许攻击者提交特殊的POST请求,获取敏感信息。 0 EMC Cloud Tiering Appliance CTA 10.0 目前没有详细解决方案: http://china.emc.com/archiving/cloud-tiering-appliance.htm POST /api/login HTTP/1.1 Host:...

7.1AI score
Exploits0
0day.today
0day.today
added 2014/04/01 12:0 a.m.22 views

EMC Cloud Tiering Appliance v10.0 Unauthenticated XXE Arbitrary File Read

EMC Cloud Tiering appliance version 10.0 suffers from an unauthenticated XXE injection vulnerability. Metasploit module proof of concept is included. EMC Cloud Tiering Appliance v10.0 Unauthed XXE The following authentication request is susceptible to an XXE attack: POST /api/login HTTP/1.1 Host:...

7.6AI score
Exploits0
OpenVAS
OpenVAS
added 2014/04/01 12:0 a.m.20 views

EMC Cloud Tiering Appliance 10.0 Unauthenticated XXE Arbitrary File Read Vulnerability - Active Check

EMC Cloud Tiering Appliance CTA is susceptible to an unauthenticated XML external entity XXE vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

7.8CVSS5.8AI score0.53342EPSS
Exploits2References2
Packet Storm
Packet Storm
added 2014/03/31 12:0 a.m.24 views

EMC Cloud Tiering Appliance 10.0 XXE Injection

EMC Cloud Tiering Appliance v10.0 Unauthed XXE The following authentication request is susceptible to an XXE attack: POST /api/login HTTP/1.1 Host: 172.31.16.99 User-Agent: Mozilla/5.0 X11; Ubuntu; Linux x8664; rv:26.0 Gecko/20100101 Firefox/26.0 Accept:...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2014/03/31 12:0 a.m.32 views

EMC Cloud Tiering Appliance 10.0 - XML External Entity Arbitrary File Read (Metasploit)

EMC Cloud Tiering Appliance v10.0 Unauthed XXE The following authentication request is susceptible to an XXE attack: POST /api/login HTTP/1.1 Host: 172.31.16.99 User-Agent: Mozilla/5.0 X11; Ubuntu; Linux x8664; rv:26.0 Gecko/20100101 Firefox/26.0 Accept:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2014/03/31 12:0 a.m.23 views

EMC Cloud Tiering Appliance 10.0 - XML External Entity Arbitrary File Read (Metasploit)

EMC Cloud Tiering Appliance 10.0 - XML External Entity Arbitrary File Read Metasploit EMC Cloud Tiering Appliance v10.0 Unauthed XXE The following authentication request is susceptible to an XXE attack: POST /api/login HTTP/1.1 Host: 172.31.16.99 User-Agent: Mozilla/5.0 X11; Ubuntu; Linux x8664;...

Exploits0
Prion
Prion
added 2012/08/29 10:55 p.m.13 views

Authentication flaw

EMC Cloud Tiering Appliance aka CTA, formerly FMA 9.0 and earlier, and Cloud Tiering Appliance Virtual Edition CTA/VE 9.0 and earlier, allows remote attackers to obtain GUI administrative access by sending a crafted file during the authentication phase...

6.8CVSS7.3AI score0.01398EPSS
Exploits0References5Affected Software2
Cvelist
Cvelist
added 2012/08/29 10:0 p.m.21 views

CVE-2012-2285

EMC Cloud Tiering Appliance aka CTA, formerly FMA 9.0 and earlier, and Cloud Tiering Appliance Virtual Edition CTA/VE 9.0 and earlier, allows remote attackers to obtain GUI administrative access by sending a crafted file during the authentication phase...

6.8AI score0.01398EPSS
Exploits0References5
Rows per page
Query Builder