45 matches found
EUVD-2015-0526
Malware in sbrugna...
EUVD-2013-6010
Malware in sbrugna...
Directory traversal
In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R Watch4Net for SAS Solution Packs, the Webservice Gateway is affected by a directory traversal vulnerability. Attackers with knowledge of Webservice Gateway credentials could potentially exploit this vulnerability to access unauthorized information, a...
CVE-2017-8007
In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R Watch4Net for SAS Solution Packs, the Webservice Gateway is affected by a directory traversal vulnerability. Attackers with knowledge of Webservice Gateway credentials could potentially exploit this vulnerability to access unauthorized information, a...
CVE-2017-8012
The CVE pertains to Dell EMC/VNX Monitoring and Reporting (RMI Registry) deserialization vulnerability that can be exploited remotely to cause a DoS. The attack path involves the exposed RMI registry (default port 52569) accepting untrusted data; authentication exists but can be bypassed per the ...
EMC ViPR SRM - Cross-Site Request Forgery
EMC ViPR SRM - Cross-Site Request Forgery !-- EMC M&R Watch4net lacks Cross-Site Request Forgery protection Abstract It was discovered that EMC M&R Watch4net does not protect against Cross-Site Request Forgery CSRF attacks. A successful CSRF attack can compromise end user data and may allow an...
EMC ViPR SRM - Cross-Site Request Forgery
Exploit for php platform in category web applications !-- EMC M&R Watch4net lacks Cross-Site Request Forgery protection Abstract It was discovered that EMC M&R Watch4net does not protect against Cross-Site Request Forgery CSRF attacks. A successful CSRF attack can compromise end user data and may...
Path traversal vulnerability in EMC M&R (Watch4net) MIB Browser
------------------------------------------------------------------------ Path traversal vulnerability in EMC M&R Watch4net MIB Browser ------------------------------------------------------------------------ Han Sahin, November 2014...
EMC M&R (Watch4net) data storage collector credentials are not properly protected
------------------------------------------------------------------------ EMC M&R Watch4net data storage collector credentials are not properly protected ------------------------------------------------------------------------ Han Sahin, November 2014...
Cross-Site Scripting vulnerability in EMC M&R (Watch4net) Alerting Frontend
------------------------------------------------------------------------ Cross-Site Scripting vulnerability in EMC M&R Watch4net Alerting Frontend ------------------------------------------------------------------------ Han Sahin, November 2014...
Cross-Site Scripting vulnerability in EMC M&R (Watch4net) Web Portal Report Favorites
------------------------------------------------------------------------ Cross-Site Scripting vulnerability in EMC M&R Watch4net Web Portal Report Favorites ------------------------------------------------------------------------ Han Sahin, November 2014...
Path traversal vulnerability in EMC M&R (Watch4net) Device Discovery
------------------------------------------------------------------------ Path traversal vulnerability in EMC M&R Watch4net Device Discovery ------------------------------------------------------------------------ Han Sahin, November 2014...
EMC M&R (Watch4net) MIB Browser Path Traversal
------------------------------------------------------------------------ Path traversal vulnerability in EMC M&R Watch4net MIB Browser ------------------------------------------------------------------------ Han Sahin, November 2014...
EMC M&R (Watch4net) Web Portal Report Favorites XSS
------------------------------------------------------------------------ Cross-Site Scripting vulnerability in EMC M&R Watch4net Web Portal Report Favorites ------------------------------------------------------------------------ Han Sahin, November 2014...
EMC M&R (Watch4net) Alerting Frontend XSS
------------------------------------------------------------------------ Cross-Site Scripting vulnerability in EMC M&R Watch4net Alerting Frontend ------------------------------------------------------------------------ Han Sahin, November 2014...
EMC M&R (Watch4net) Device Discovery Path Traversal
------------------------------------------------------------------------ Path traversal vulnerability in EMC M&R Watch4net Device Discovery ------------------------------------------------------------------------ Han Sahin, November 2014...
EMC M&R (Watch4net) Centralized Management Console XSS Vulnerability
A cross site scripting vulnerability was found in EMC M&R Watch4net Centralized Management Console. This issue allows attackers to perform a wide variety of actions, such as stealing victims' session tokens or login credentials, performing arbitrary actions on their behalf, logging their...
EMC M&R (Watch4net) Detection
The script sends a connection request to the server and attempts to extract the version number from the reply. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifie...
EMC M&R (Watch4net) Alerting Frontend XSS Vulnerability
A cross site scripting vulnerability was found in EMC M&R Watch4net Alerting Frontend. This issue allows attackers to perform a wide variety of actions, such as stealing victims' session tokens or login credentials, performing arbitrary actions on their behalf, logging their keystrokes, or exploi...
EMC M&R (Watch4net) Web Portal Report Favorites XSS Vulnerability
A cross site scripting vulnerability was found in EMC M&R Watch4net Web Portal. This issue allows attackers to replace the report that is shown at startup, the attackers payload will be stored in the user's profile and will be executed every time the victim logs in...