EUVD-2017-16977

Malware in sbrugna...

CVE-2017-8007

In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R Watch4Net for SAS Solution Packs, the Webservice Gateway is affected by a directory traversal vulnerability. Attackers with knowledge of Webservice Gateway credentials could potentially exploit this vulnerability to access unauthorized information, a...

Directory traversal

In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R Watch4Net for SAS Solution Packs, the Webservice Gateway is affected by a directory traversal vulnerability. Attackers with knowledge of Webservice Gateway credentials could potentially exploit this vulnerability to access unauthorized information, a...

CVE-2017-8007

In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R Watch4Net for SAS Solution Packs, the Webservice Gateway is affected by a directory traversal vulnerability. Attackers with knowledge of Webservice Gateway credentials could potentially exploit this vulnerability to access unauthorized information, a...

Webservice Gateway Directory Traversal Vulnerability in Multiple EMC Products

EMC ViPR SRM and others are products of EMC Corporation.EMC ViPR SRM is a suite of storage resource management software.Storage M&R is a data storage collector.Webservice Gateway is one of the gateways. A directory traversal vulnerability exists in Webservice Gateway in multiple EMC products. A...

Dell EMC VNX Monitoring and Reporting Scheduler Static Credentials Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Dell EMC VNX Monitoring and Reporting. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

CVE-2017-8011

EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R for SAS Solution Packs EMC ViPR SRM prior to 4.1, EMC Storage M&R prior to 4.1, EMC VNX M&R all versions, EMC M&R Watch4Net for SAS Solution Packs all versions contain undocumented accounts with default passwords for Webservice Gateway and RMI J...

CVE-2017-8011

EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R for SAS Solution Packs EMC ViPR SRM prior to 4.1, EMC Storage M&R prior to 4.1, EMC VNX M&R all versions, EMC M&R Watch4Net for SAS Solution Packs all versions contain undocumented accounts with default passwords for Webservice Gateway and RMI J...

CVE-2017-8011

CVE-2017-8011 is substantiated by connected disclosures indicating default/undocumented accounts with passwords in EMC/VNX monitoring products, enabling remote execution when the Webservice Gateway/RMI JMX are targeted. ZDI-17-505 details a remote code execution path via static credentials in the...