Lucene search
+L

208 matches found

NVD
NVD
added 2014/08/07 11:13 a.m.15 views

CVE-2014-3459

Heap-based buffer overflow in SolarWinds Network Configuration Manager NCM before 7.3 allows remote attackers to execute arbitrary code via the PEstrarg1 property...

6.8CVSS8.1AI score0.11564EPSS
Exploits0References1
CVE
CVE
added 2014/08/07 10:0 a.m.47 views

CVE-2014-3459

The CVE-2014-3459 issue affects SolarWinds Network Configuration Manager (NCM) prior to version 7.3, where a heap-based buffer overflow in the PEstrarg1 property can be exploited to execute arbitrary code. The root cause is a failure to validate the input size before copying into a fixed-size hea...

6.8CVSS8.3AI score0.11564EPSS
Exploits0References1Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.31 views

NCM Content Management System content.pl Input Validation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2584/info The NCM Content Management System is a product distributed by NCM. The NCM Content Management System is designed to manage web material and other data, and provide an interface to databases from web resources. A...

7.1AI score
Exploits0
CVE
CVE
added 2014/07/01 12:0 a.m.59 views

CVE-2014-2509

CVE-2014-2509 describes a session-fixation vulnerability in the EMC Network Configuration Manager (NCM) , specifically within the Report Advisor (RA) component. The issue would allow an attacker to hijack a NCM web session by manipulating the session cookie, affecting the RA prior to version 9.3 ...

5.4CVSS6.8AI score0.0158EPSS
Exploits0References5Affected Software1
securityvulns
securityvulns
added 2013/04/01 12:0 a.m.109 views

ESA-2013-016: EMC Smarts Network Configuration Manager

ESA-2013-016.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-016: EMC Smarts Network Configuration Manager Improper Authentication Vulnerability EMC Identifier: ESA-2013-016 CVE Identifier: CVE-2013-0935 Severity Rating: CVSS v2 Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C Affected...

9.3CVSS0.3AI score0.04147EPSS
Exploits0
NVD
NVD
added 2013/03/28 3:55 p.m.22 views

CVE-2013-2717

Multiple unspecified vulnerabilities in the System Management aka SysAdmin Console in EMC Smarts Network Configuration Manager NCM through 9.2 have unknown impact and attack vectors, a different issue than CVE-2013-0935. NOTE: this might overlap CVEs for open-source server components or other...

9.3CVSS6.7AI score0.01243EPSS
Exploits0References1
Prion
Prion
added 2013/03/28 3:55 p.m.23 views

Authentication flaw

EMC Smarts Network Configuration Manager NCM before 9.2 does not require authentication for all Java RMI method calls, which allows remote attackers to execute arbitrary code via unspecified vectors...

9.3CVSS8.3AI score0.04147EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2013/03/28 3:55 p.m.22 views

Code injection

Multiple unspecified vulnerabilities in the System Management aka SysAdmin Console in EMC Smarts Network Configuration Manager NCM through 9.2 have unknown impact and attack vectors, a different issue than CVE-2013-0935. NOTE: this might overlap CVEs for open-source server components or other...

9.3CVSS7.3AI score0.04147EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2013/03/28 3:0 p.m.46 views

CVE-2013-2717

EMC Smarts Network Configuration Manager (NCM) up to version 9.2 contains authentication-related vulnerabilities. CVE-2013-0935: prior to 9.2, Java RMI calls could be invoked remotely without authentication to execute arbitrary code. CVE-2013-2717: multiple unspecified vulnerabilities in the Syst...

9.3CVSS6.9AI score0.01243EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2013/03/28 3:0 p.m.40 views

CVE-2013-0935

EMC Smarts Network Configuration Manager NCM before 9.2 does not require authentication for all Java RMI method calls, which allows remote attackers to execute arbitrary code via unspecified vectors...

7.9AI score0.04147EPSS
Exploits0References1
Cvelist
Cvelist
added 2013/03/28 3:0 p.m.34 views

CVE-2013-2717

Multiple unspecified vulnerabilities in the System Management aka SysAdmin Console in EMC Smarts Network Configuration Manager NCM through 9.2 have unknown impact and attack vectors, a different issue than CVE-2013-0935. NOTE: this might overlap CVEs for open-source server components or other...

6.7AI score0.01243EPSS
Exploits0References1
CVE
CVE
added 2013/03/28 3:0 p.m.59 views

CVE-2013-0935

EMC Smarts Network Configuration Manager (NCM) before version 9.2 is affected by CVE-2013-0935. The issue: Java RMI method calls can be invoked without authentication, allowing remote attackers to execute arbitrary code. Severity in NVD is high (CVSSv2 base score 9.3) with network access and no a...

9.3CVSS8.1AI score0.04147EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2012/12/03 12:0 a.m.120 views

ESA-2012-057: EMC Smarts Network Configuration Manager Multiple Vulnerabilities

ESA-2012-057.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-057: EMC Smarts Network Configuration Manager Multiple Vulnerabilities EMC Identifier: ESA-2012-057 CVE Identifier: CVE-2012-4614 CVE Identifier: CVE-2012-4615 Severity Rating: CVSS v2 Base Score: See below for individual...

9.3CVSS0.6AI score0.02281EPSS
Exploits0
NVD
NVD
added 2012/11/27 9:55 p.m.23 views

CVE-2012-4615

EMC Smarts Network Configuration Manager NCM before 9.1 uses a hardcoded encryption key for the storage of credentials, which allows local users to obtain sensitive information via unspecified vectors...

2.1CVSS5.8AI score0.00213EPSS
Exploits0References6
Prion
Prion
added 2012/11/27 9:55 p.m.22 views

Authentication flaw

The default configuration of EMC Smarts Network Configuration Manager NCM before 9.1 does not require authentication for database access, which allows remote attackers to have an unspecified impact via a network session...

9.3CVSS7.5AI score0.02281EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2012/11/27 9:55 p.m.26 views

Hardcoded credentials

EMC Smarts Network Configuration Manager NCM before 9.1 uses a hardcoded encryption key for the storage of credentials, which allows local users to obtain sensitive information via unspecified vectors...

2.1CVSS6.3AI score0.00213EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2012/11/27 9:55 p.m.19 views

CVE-2012-4614

The default configuration of EMC Smarts Network Configuration Manager NCM before 9.1 does not require authentication for database access, which allows remote attackers to have an unspecified impact via a network session...

9.3CVSS7AI score0.02281EPSS
Exploits0References5
CVE
CVE
added 2012/11/27 9:0 p.m.70 views

CVE-2012-4615

EMC Smarts Network Configuration Manager (NCM) prior to version 9.1 is affected by CVE-2012-4615 due to a hard-coded encryption key used to store credentials, enabling local users to obtain sensitive information via unspecified vectors. The related security advisory(ESA-2012-057) notes this and r...

2.1CVSS5.9AI score0.00213EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2012/11/27 9:0 p.m.32 views

CVE-2012-4614

The default configuration of EMC Smarts Network Configuration Manager NCM before 9.1 does not require authentication for database access, which allows remote attackers to have an unspecified impact via a network session...

7AI score0.02281EPSS
Exploits0References5
CVE
CVE
added 2012/11/27 9:0 p.m.55 views

CVE-2012-4614

CVE-2012-4614 affects EMC Smarts Network Configuration Manager (NCM) prior to version 9.1. The default NCM configuration allows unauthenticated access to the NCM database, enabling remote attackers to interact via the network (impact described as complete confidentiality/integrity/availability). ...

9.3CVSS7.2AI score0.02281EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder