Lucene search
K

124 matches found

CVE
CVE
added 2021/11/02 11:29 p.m.64 views

CVE-2021-20700

CVE-2021-20700 affects NEC’s CLUSTERPRO X and EXPRESSCLUSTER X (Windows) up to 4.3 and related SingleServerSafe variants. The vulnerability is a Buffer overflow in the Disk Agent (CWE-119) that can allow remote code execution over the network. Affected components include Disk Agent, Transaction S...

9.8CVSS9.7AI score0.02073EPSS
Exploits0References1Affected Software4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/10/29 12:0 a.m.94 views

JVN#69304877: Multiple vulnerabilities in CLUSTERPRO X and EXPRESSCLUSTER X

CLUSTERPRO X and EXPRESSCLUSTER X provided by NEC Corporation contain multiple vulnerabilities listed below. Buffer overflow in the Disk Agent CWE-119 - CVE-2021-20700、CVE-2021-20701 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H| Base Score: 9.8 CVSS v2|...

9.8CVSS9.4AI score0.02131EPSS
Exploits0
CNNVD
CNNVD
added 2021/10/29 12:0 a.m.11 views

NEC Corporation CLUSTERPRO缓冲区错误漏洞

NEC Corporation CLUSTERPRO is an HA clustering software from NEC. A buffer error vulnerability exists in NEC Corporation CLUSTERPRO X version 1.0 and EXPRESSCLUSTER X version 1.0 that originates from a boundary error in the software transaction server. A remote attacker could exploit the...

9.8CVSS9.2AI score0.02073EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/10/29 12:0 a.m.19 views

NEC Corporation CLUSTERPRO缓冲区错误漏洞

NEC Corporation CLUSTERPRO is an HA clustering software from NEC. A buffer error vulnerability exists in NEC Corporation CLUSTERPRO X version 1.0 and EXPRESSCLUSTER X version 1.0 that originates from a boundary error in the software transaction server. A remote attacker could exploit the...

9.8CVSS9.2AI score0.02073EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/10/29 12:0 a.m.12 views

NEC Corporation CLUSTERPRO 输入验证错误漏洞

NEC Corporation CLUSTERPRO is an HA clustering software from NEC. An input validation error vulnerability exists in NEC Corporation CLUSTERPRO X version 1.0 and EXPRESSCLUSTER X version 1.0, which originates due to insufficient validation of user-supplied input by the software in the transaction...

7.5CVSS8AI score0.00954EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/10/29 12:0 a.m.11 views

NEC Corporation CLUSTERPRO 输入验证错误漏洞

NEC Corporation CLUSTERPRO is a HA clustering software from NEC. An input validation error vulnerability exists in NEC Corporation CLUSTERPRO X version 1.0 and EXPRESSCLUSTER X version 1.0, which stems from insufficient validation of user-supplied input in the software's WebManager. A remote...

7.5CVSS8AI score0.01078EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/10/29 12:0 a.m.8 views

NEC Corporation CLUSTERPRO 输入验证错误漏洞

NEC Corporation CLUSTERPRO is a HA clustering software from NEC. An input validation error vulnerability exists in NEC Corporation CLUSTERPRO X version 1.0 and EXPRESSCLUSTER X version 1.0, which stems from insufficient validation of user-supplied input in the software's WebManager. A remote...

7.5CVSS8AI score0.01078EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/10/29 12:0 a.m.7 views

NEC Corporation CLUSTERPRO 缓冲区错误漏洞

NEC Corporation CLUSTERPRO is an HA clustering software from NEC. A buffer error vulnerability exists in NEC Corporation CLUSTERPRO X version 1.0 and EXPRESSCLUSTER X version 1.0 that originates from a boundary error in the software transaction server. A remote attacker could exploit the...

9.8CVSS9.2AI score0.02131EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/10/29 12:0 a.m.17 views

NEC Corporation CLUSTERPRO 和 EXPRESSCLUSTER 缓冲区错误漏洞

Nec Expresscluster X is a specialized high availability cluster software from Nec Corporation of Japan. It is used to initiate a fast restore function and continuously protect critical applications and data.NEC Corporation CLUSTERPRO is a HA cluster software from NEC. A buffer error vulnerability...

9.8CVSS9AI score0.02073EPSS
Exploits0References3
Veeam
Veeam
added 2021/08/27 12:0 a.m.17 views

Architecture Guideline for NEC EXPRESSCLUSTER X

Challenge When using NEC EXPRESSCLUSTER X NEC CLUSTERPRO X in Japan Market with Veeam Agent for Microsoft Windows or Veeam Backup & Replication, there are specific configuration requirements to ensure successful backup and restores. Solution Please refer to the Software Integration Guide on the N...

6.8AI score
Exploits0Affected Software2
OSV
OSV
added 2020/09/10 5:15 p.m.4 views

CVE-2020-17408

This vulnerability allows remote attackers to disclose sensitive information on affected installations of NEC ExpressCluster 4.1. Authentication is not required to exploit this vulnerability. The specific flaw exists within the clpwebmc executable. Due to the improper restriction of XML External...

7.5CVSS7.1AI score0.73962EPSS
Exploits0References2
NVD
NVD
added 2020/09/10 5:15 p.m.26 views

CVE-2020-17408

This vulnerability allows remote attackers to disclose sensitive information on affected installations of NEC ExpressCluster 4.1. Authentication is not required to exploit this vulnerability. The specific flaw exists within the clpwebmc executable. Due to the improper restriction of XML External...

7.5CVSS0.73962EPSS
Exploits0References2
Prion
Prion
added 2020/09/10 5:15 p.m.12 views

Xxe

This vulnerability allows remote attackers to disclose sensitive information on affected installations of NEC ExpressCluster 4.1. Authentication is not required to exploit this vulnerability. The specific flaw exists within the clpwebmc executable. Due to the improper restriction of XML External...

5CVSS7.4AI score0.73962EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/09/10 4:35 p.m.33 views

CVE-2020-17408

This vulnerability allows remote attackers to disclose sensitive information on affected installations of NEC ExpressCluster 4.1. Authentication is not required to exploit this vulnerability. The specific flaw exists within the clpwebmc executable. Due to the improper restriction of XML External...

7.5CVSS7.3AI score0.73962EPSS
Exploits0References2
CVE
CVE
added 2020/09/10 4:35 p.m.49 views

CVE-2020-17408

The connected sources confirm a XXE vulnerability in NEC ExpressCluster (clpwebmc) affecting NEC CLUSTERPRO X/EXPRESSCLUSTER X 4.1/4.2. Root cause: improper restriction of XML External Entity references allows remote attackers to disclose sensitive information via specially crafted XML, in the co...

7.5CVSS7.4AI score0.73962EPSS
Exploits0References2Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2020/09/08 12:0 a.m.28 views

NEC ExpressCluster ApplyConfig XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of NEC ExpressCluster. Authentication is not required to exploit this vulnerability. The specific flaw exists within the clpwebmc executable. Due to the improper restriction of XML External Enti...

7.5CVSS3AI score0.73962EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/08/31 6:10 a.m.2 views

CLUSTERPRO X and EXPRESSCLUSTER X vulnerable to XML external entity injection (XXE)

Overview CLUSTERPRO X and EXPRESSCLUSTER X provided by NEC Corporation contain an XML external entity injection XXE vulnerability CWE-611. NEC Corporation reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and NEC Corporation coordinated under the Informatio...

7.5CVSS7.3AI score0.73962EPSS
Exploits0References6
CNVD
CNVD
added 2016/02/02 12:0 a.m.4 views

NEC EXPRESSCLUSTER X-1 on Linux Solaris Directory Traversal Vulnerability

NEC EXPRESSCLUSTER X on Windows, Linux, and Solaris is a suite of clustering software dual hot standby software from Nippon Electric Company NEC for Windows, Linux, and Solaris platforms. The software provides features such as shared disk arrays, automatic error detection and notification, and...

7.8CVSS6.9AI score0.03821EPSS
Exploits0References1
OSV
OSV
added 2016/01/30 3:59 p.m.4 views

CVE-2016-1145

Directory traversal vulnerability in WebManager in NEC EXPRESSCLUSTER X through 3.3 11.31 on Windows and through 3.3 3.3.1-1 on Linux and Solaris allows remote attackers to read arbitrary files via unspecified vectors...

7.5CVSS5.9AI score0.03821EPSS
Exploits0References3
NVD
NVD
added 2016/01/30 3:59 p.m.13 views

CVE-2016-1145

Directory traversal vulnerability in WebManager in NEC EXPRESSCLUSTER X through 3.3 11.31 on Windows and through 3.3 3.3.1-1 on Linux and Solaris allows remote attackers to read arbitrary files via unspecified vectors...

7.8CVSS7.5AI score0.03821EPSS
Exploits0References3
Rows per page
Query Builder