Lucene search
K

83 matches found

CVE
CVE
added 2016/10/05 1:0 a.m.51 views

CVE-2016-6645

The CVE-2016-6645 entry applies to EMC Unisphere for VMAX Virtual Appliance and Solutions Enabler Virtual Appliance 8.x prior to 8.3.0. The vulnerability stems from the vApp Manager’s web interface, where crafted input to GeneralCmdRequest, PersistantDataRequest, or GetCommandExecRequest allows a...

9CVSS8.7AI score0.03623EPSS
Exploits0References3Affected Software3
CVE
CVE
added 2016/10/05 1:0 a.m.50 views

CVE-2016-6646

The CVE-2016-6646 entry concerns EMC Unisphere for VMAX Virtual Appliance (vApp Manager) and Solutions Enabler Virtual Appliance. Affects 8.x releases prior to 8.3.0 where the vApp Manager web application processes crafted input via GetSymmCmdRequest or RemoteServiceHandler classes, enabling remo...

10CVSS9.6AI score0.04868EPSS
Exploits0References3Affected Software3
Cvelist
Cvelist
added 2016/10/05 1:0 a.m.18 views

CVE-2016-6646

The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and Solutions Enabler Virtual Appliance 8.x before 8.3.0 allows remote attackers to execute arbitrary code via crafted input to the 1 GetSymmCmdRequest or 2 RemoteServiceHandler class...

9.8AI score0.04868EPSS
Exploits0References3
Cvelist
Cvelist
added 2016/10/05 1:0 a.m.20 views

CVE-2016-6645

The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and Solutions Enabler Virtual Appliance 8.x before 8.3.0 allows remote authenticated users to execute arbitrary code via crafted input to the 1 GeneralCmdRequest, 2 PersistantDataRequest, or 3...

8.8AI score0.03623EPSS
Exploits0References3
CNVD
CNVD
added 2016/04/19 12:0 a.m.5 views

EMC Unisphere for VMAX vApp Manager Arbitrary File Write Vulnerability

EMC Unisphere for VMAX is a set of management interfaces for the VMAX storage family from EMC Corporation USA. An arbitrary file write vulnerability exists in the HTTP servlet in vApp Manager in EMC Unisphere for VMAX versions prior to 8.2.0, which can be exploited by a remote attacker to write...

10CVSS7AI score0.03139EPSS
Exploits0References1
OSV
OSV
added 2016/04/15 2:59 p.m.2 views

CVE-2016-0889

An HTTP servlet in vApp Manager in EMC Unisphere for VMAX Virtual Appliance before 8.2.0 allows remote attackers to write to arbitrary files via a crafted pathname...

9.8CVSS5.9AI score0.03139EPSS
Exploits0References2
NVD
NVD
added 2016/04/15 2:59 p.m.15 views

CVE-2016-0889

An HTTP servlet in vApp Manager in EMC Unisphere for VMAX Virtual Appliance before 8.2.0 allows remote attackers to write to arbitrary files via a crafted pathname...

10CVSS9.2AI score0.03139EPSS
Exploits0References2
Prion
Prion
added 2016/04/15 2:59 p.m.12 views

Design/Logic Flaw

An HTTP servlet in vApp Manager in EMC Unisphere for VMAX Virtual Appliance before 8.2.0 allows remote attackers to write to arbitrary files via a crafted pathname...

10CVSS7.3AI score0.03139EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2016/04/15 2:0 p.m.41 views

CVE-2016-0889

The CVE concerns EMC Unisphere for VMAX Virtual Appliance, specifically the vApp Manager HTTP servlet. Affected: vApp Manager in EMC Unisphere for VMAX builds prior to 8.2.0. Root cause: an HTTP servlet vulnerability allows an attacker to write arbitrary files via a crafted pathname. Impact: enab...

10CVSS9.1AI score0.03139EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2015/06/29 10:59 a.m.12 views

CVE-2015-0545

EMC Unisphere for VMAX 8.x before 8.0.3.4 sets up the Java Debugging Wire Protocol JDWP service, which allows remote attackers to execute arbitrary code via unspecified vectors...

10CVSS7.8AI score0.04447EPSS
Exploits0References2
Prion
Prion
added 2015/06/29 10:59 a.m.18 views

Code injection

EMC Unisphere for VMAX 8.x before 8.0.3.4 sets up the Java Debugging Wire Protocol JDWP service, which allows remote attackers to execute arbitrary code via unspecified vectors...

10CVSS8.4AI score0.04447EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2015/06/29 10:0 a.m.59 views

CVE-2015-0545

EMC Unisphere for VMAX 8.x before 8.0.3.4 enables the Java Debug Wire Protocol (JDWP) service, which could allow remote attackers to execute arbitrary code. Affected products are EMC Unisphere for VMAX 8.0.x prior to 8.0.3.4; EMC’s security advisory and related CVE records confirm this is a remot...

10CVSS8.1AI score0.04447EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2015/06/29 10:0 a.m.22 views

CVE-2015-0545

EMC Unisphere for VMAX 8.x before 8.0.3.4 sets up the Java Debugging Wire Protocol JDWP service, which allows remote attackers to execute arbitrary code via unspecified vectors...

7.8AI score0.04447EPSS
Exploits0References2
securityvulns
securityvulns
added 2015/06/29 12:0 a.m.46 views

ESA-2015-102: EMC Unisphere for VMAX Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-102: EMC Unisphere for VMAX Remote Code Execution Vulnerability EMC Identifier: ESA-2015-102 CVE Identifier: CVE-2015-0545 Severity Rating: CVSS v2 Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C Affected products: • EMC Unisphere for VMAX 8.0.0 ...

10CVSS0.9AI score0.04447EPSS
Exploits0
securityvulns
securityvulns
added 2015/06/29 12:0 a.m.36 views

EMC Unisphere for VMAX code execution

JDWP access is possible...

10CVSS2.6AI score0.04447EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2015/06/26 12:0 a.m.4 views

EMC Unisphere for VMAX Remote Code Execution Vulnerability

EMC Unisphere for VMAX is the advanced graphical user interface. EMC Unisphere for VMAX with the JDWP service enabled enables an unauthenticated attacker to execute arbitrary code on the affected system...

10CVSS8AI score0.04447EPSS
Exploits0References1
securityvulns
securityvulns
added 2013/11/05 12:0 a.m.45 views

EMC Unisphere for VMAX information leakage

Under some conditions cleartext password is logged...

1.9CVSS2AI score0.00299EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2013/11/05 12:0 a.m.38 views

ESA-2013-074: EMC Unisphere for VMAX Information Disclosure Vulnerability

ESA-2013-074.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-074: EMC Unisphere for VMAX Information Disclosure Vulnerability EMC Identifier: ESA-2013-074 CVE Identifier: CVE-2013-3287 Severity Rating: CVSS v2 Base Score: 6.6 AV:L/AC:M/Au:S/C:C/I:C/A:C Affected products • EMC Unisphere...

1.9CVSS0.2AI score0.00299EPSS
Exploits0
NVD
NVD
added 2013/11/02 7:55 p.m.12 views

CVE-2013-3287

EMC Unisphere for VMAX before 1.6.1.6, when using an unspecified level of debug logging in LDAP configurations, allows local users to discover the cleartext LDAP bind password by reading the console...

1.9CVSS6.5AI score0.00299EPSS
Exploits0References2
Prion
Prion
added 2013/11/02 7:55 p.m.15 views

Default credentials

EMC Unisphere for VMAX before 1.6.1.6, when using an unspecified level of debug logging in LDAP configurations, allows local users to discover the cleartext LDAP bind password by reading the console...

1.9CVSS7AI score0.00299EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder