EUVD-2015-0526

Malware in sbrugna...

EUVD-2013-6010

Malware in sbrugna...

Directory traversal

In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R Watch4Net for SAS Solution Packs, the Webservice Gateway is affected by a directory traversal vulnerability. Attackers with knowledge of Webservice Gateway credentials could potentially exploit this vulnerability to access unauthorized information, a...

CVE-2017-8007

In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R Watch4Net for SAS Solution Packs, the Webservice Gateway is affected by a directory traversal vulnerability. Attackers with knowledge of Webservice Gateway credentials could potentially exploit this vulnerability to access unauthorized information, a...

CVE-2017-8012

The CVE pertains to Dell EMC/VNX Monitoring and Reporting (RMI Registry) deserialization vulnerability that can be exploited remotely to cause a DoS. The attack path involves the exposed RMI registry (default port 52569) accepting untrusted data; authentication exists but can be bypassed per the ...

EMC ViPR SRM - Cross-Site Request Forgery

Exploit for php platform in category web applications !-- EMC M&R Watch4net lacks Cross-Site Request Forgery protection Abstract It was discovered that EMC M&R Watch4net does not protect against Cross-Site Request Forgery CSRF attacks. A successful CSRF attack can compromise end user data and may...

EMC ViPR SRM - Cross-Site Request Forgery

EMC ViPR SRM - Cross-Site Request Forgery !-- EMC M&R Watch4net lacks Cross-Site Request Forgery protection Abstract It was discovered that EMC M&R Watch4net does not protect against Cross-Site Request Forgery CSRF attacks. A successful CSRF attack can compromise end user data and may allow an...

Path traversal vulnerability in EMC M&R (Watch4net) Device Discovery

------------------------------------------------------------------------ Path traversal vulnerability in EMC M&R Watch4net Device Discovery ------------------------------------------------------------------------ Han Sahin, November 2014...

EMC M&R (Watch4net) data storage collector credentials are not properly protected

------------------------------------------------------------------------ EMC M&R Watch4net data storage collector credentials are not properly protected ------------------------------------------------------------------------ Han Sahin, November 2014...

Cross-Site Scripting vulnerability in EMC M&R (Watch4net) Web Portal Report Favorites

------------------------------------------------------------------------ Cross-Site Scripting vulnerability in EMC M&R Watch4net Web Portal Report Favorites ------------------------------------------------------------------------ Han Sahin, November 2014...

Path traversal vulnerability in EMC M&R (Watch4net) MIB Browser

------------------------------------------------------------------------ Path traversal vulnerability in EMC M&R Watch4net MIB Browser ------------------------------------------------------------------------ Han Sahin, November 2014...

Cross-Site Scripting vulnerability in EMC M&R (Watch4net) Alerting Frontend

------------------------------------------------------------------------ Cross-Site Scripting vulnerability in EMC M&R Watch4net Alerting Frontend ------------------------------------------------------------------------ Han Sahin, November 2014...

EMC M&R (Watch4net) Centralized Management Console XSS

------------------------------------------------------------------------ Cross-Site Scripting vulnerability in EMC M&R Watch4net Centralized Management Console ------------------------------------------------------------------------ Han Sahin, November 2014...

EMC M&R (Watch4net) Web Portal Report Favorites XSS Vulnerability

A cross site scripting vulnerability was found in EMC M&R Watch4net Web Portal. This issue allows attackers to replace the report that is shown at startup, the attackers payload will be stored in the user's profile and will be executed every time the victim logs in...

EMC M&R (Watch4net) Detection

The script sends a connection request to the server and attempts to extract the version number from the reply. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifie...

EMC M&R (Watch4net) Web Portal Report Favorites XSS

------------------------------------------------------------------------ Cross-Site Scripting vulnerability in EMC M&R Watch4net Web Portal Report Favorites ------------------------------------------------------------------------ Han Sahin, November 2014...

EMC M&R (Watch4net) - Directory Traversal Vulnerability

A path traversal vulnerability was found in EMC M&R Watch4net Device Discovery. This vulnerability allows an attacker to access sensitive files containing configuration data, passwords, database records, log data, source code, and program scripts and binaries. Abstract A path traversal...

EMC M&R (Watch4net) Centralized Management Console XSS Vulnerability

A cross site scripting vulnerability was found in EMC M&R Watch4net Centralized Management Console. This issue allows attackers to perform a wide variety of actions, such as stealing victims' session tokens or login credentials, performing arbitrary actions on their behalf, logging their...

EMC M&R (Watch4net) MIB Browser Path Traversal Vulnerability

A path traversal vulnerability was found in EMC M&R Watch4net MIB Browser. This vulnerability allows an attacker to access sensitive files containing configuration data, passwords, database records, log data, source code, and program scripts and binaries...

EMC M&R (Watch4net) - Credential Disclosure Vulnerability

It was discovered that EMC M&R Watch4net credentials of remote servers stored in Watch4net are encrypted using a fixed hard-coded password. If an attacker manages to obtain a copy of the encrypted credentials, it is trivial to decrypt them. Abstract It was discovered that EMC M&R Watch4net...