16 matches found
EUVD-2017-5886
Malware in sbrugna...
CVE-2017-14383
CVE-2017-14383 affects Dell EMC VNX2 (Operating Environment for File) versions prior to 8.1.9.217 and Dell EMC VNX1 versions prior to 7.1.80.8, where the web server error page in the VNX Control Station is susceptible to a reflected cross-site scripting (XSS) vulnerability. A remote, unauthentica...
CVE-2017-4984
In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80.8, an unauthenticated remote attacker may be able to elevate their permissions to root through a command injection. This may potentially be exploited by an attacker to run arbitrary code with...
Command injection
In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80.8, an unauthenticated remote attacker may be able to elevate their permissions to root through a command injection. This may potentially be exploited by an attacker to run arbitrary code with...
CVE-2017-4987
In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80.8, a local authenticated user can load a maliciously crafted file in the search path which may potentially allow the attacker to execute arbitrary code on the targeted VNX Control Station system, aka...
CVE-2017-4985
In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80.8, a local authenticated user may potentially escalate their privileges to root due to authorization checks not being performed on certain perl scripts. This may potentially be exploited by an attack...
Authorization
In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80.8, a local authenticated user may potentially escalate their privileges to root due to authorization checks not being performed on certain perl scripts. This may potentially be exploited by an attack...
Design/Logic Flaw
In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80.8, a local authenticated user can load a maliciously crafted file in the search path which may potentially allow the attacker to execute arbitrary code on the targeted VNX Control Station system, aka...
CVE-2017-4984
In EMC VNX2 OE for File (versions prior to 8.1.9.211) and VNX1 OE for File (versions prior to 7.1.80.8), an unauthenticated remote attacker could elevate privileges to root via a command injection, enabling arbitrary code execution with root privileges on the VNX Control Station. This is a networ...
CVE-2017-4987
The CVE-2017-4987 entry affects EMC VNX1/VNX2 OE for File prior to the stated versions, where a local authenticated user can place a malicious file on the search path, potentially enabling arbitrary code execution on the VNX Control Station due to an uncontrolled search path vulnerability. The pu...
CVE-2017-4985
In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80.8, a local authenticated user may potentially escalate their privileges to root due to authorization checks not being performed on certain perl scripts. This may potentially be exploited by an attack...
CVE-2017-4985
EMC VNX2/VNX1 local privilege escalation (CVE-2017-4985). A local authenticated user may bypass authorization checks on certain Perl scripts, potentially gaining root on the VNX Control Station. Affected versions: VNX2 OE for File prior to 8.1.9.211 and VNX1 OE for File prior to 7.1.80.8. Rooted ...
CVE-2017-4984
In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80.8, an unauthenticated remote attacker may be able to elevate their permissions to root through a command injection. This may potentially be exploited by an attacker to run arbitrary code with...
CVE-2017-4987
In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80.8, a local authenticated user can load a maliciously crafted file in the search path which may potentially allow the attacker to execute arbitrary code on the targeted VNX Control Station system, aka...
CVE-2016-0917
The SMB service in EMC VNXe VNXe3200 Operating Environment prior to 3.1.5.8711957 and VNXe3100/3150/3300 Operating Environment prior to 2.4.4.22638, VNX1 File OE before 7.1.80.3, VNX2 File OE before 8.1.9.155, and Celerra all supported versions does not prevent duplicate NTLM challenge-response...
CVE-2016-0917
The CVE-2016-0917 entry concerns EMC SMB services in VNXe (VNXe3200 OE <3.1.5.8711957 and VNXe3100/3150/3300 OE <2.4.4.22638), VNX1 File OE <7.1.80.3, VNX2 File OE