Lucene search
K
EmcNetworker

20 matches found

CVE
CVE
•added 2012/09/04 10:0 a.m.•174 views

CVE-2012-2288

EMC NetWorker nsrd RPC service is affected by a remote format-string vulnerability (CVE-2012-2288) in NetWorker 7.6.3–8.0, allowing arbitrary code execution via crafted messages. Public sources indicate the issue stems from the nsrd format string handling (format string vulnerability in the lg_sp...

9.3CVSS7.6AI score0.3312EPSS
Web
CVE
CVE
•added 2012/01/27 12:0 a.m.•143 views

CVE-2012-0395

EMC NetWorker Server 7.5.x and 7.6.x (up to 7.6.3 SP1 Cumulative Release 851) contains a buffer overflow in the RPC handling path (indexd.exe) that can allow remote, unauthenticated code execution or denial of service. Exploitation details point to RPC processing with opcode 0x01, where user-supp...

9.3CVSS8.4AI score0.03153EPSS
CVE
CVE
•added 2013/01/17 10:0 p.m.•135 views

CVE-2012-4607

CVE-2012-4607 Summary (Mode C) A buffer overflow in EMC NetWorker’s nsrindexd RPC service allows remote attackers to execute arbitrary code by sending crafted SunRPC data. Affected products include EMC NetWorker 7.5.x and earlier, 7.6.x prior to 7.6.5, and 8.x prior to 8.0.0.6. The root cause is ...

9.3CVSS8AI score0.03189EPSS
CVE
CVE
•added 2017/10/18 3:0 p.m.•69 views

CVE-2017-8022

Summary: CVE-2017-8022 affects EMC NetWorker Server (nsrd). A buffer overflow in nsrd exists on affected versions: prior to 8.2.4.9, all 9.0.x, prior to 9.1.1.3, and prior to 9.2.0.4. Exploitation could be remote and unauthenticated, potentially allowing arbitrary code execution or a denial of se...

8.1CVSS8.7AI score0.03219EPSS
CVE
CVE
•added 2018/01/05 5:0 p.m.•61 views

CVE-2017-15549

CVE-2017-15549 describes an arbitrary file upload vulnerability. A remote authenticated malicious user with low privileges could upload arbitrary files to any location on the server filesystem in affected VMware vSphere Data Protection (VDP) deployments, including VDP 5.x, 6.0.x, and 6.1.x. Affec...

9CVSS8.7AI score0.05525EPSS
CVE
CVE
•added 2018/01/05 5:0 p.m.•59 views

CVE-2017-15550

CVE-2017-15550 is a path-traversal vulnerability in VMware vSphere Data Protection (VDP). A remote authenticated malicious user with low privileges could access arbitrary files on the server filesystem within the vulnerable VDP application. Affected product versions include VDP 5.x, 6.0.x, and 6....

9CVSS8.7AI score0.08229EPSS
CVE
CVE
•added 2018/01/05 5:0 p.m.•57 views

CVE-2017-15548

CVE-2017-15548 affects EMC/VDP solutions: vSphere Data Protection (VDP) on VMware appliances 5.x, 6.0.x, 6.1.x with an authentication bypass vulnerability that could allow a remote unauthenticated attacker to gain unauthorized root access. Related issues CVE-2017-15549 (arbitrary file upload) and...

10CVSS9.6AI score0.047EPSS
CVE
CVE
•added 2011/02/01 5:0 p.m.•56 views

CVE-2011-0321

EMC NetWorker’s librpc.dll (nsrexecd) is vulnerable to a UDP-based spoofing flaw that permits remote attackers to register or unregister RPC services. The affected versions include EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2. The root cause is inadequate mitigat...

6.4CVSS6.7AI score0.02602EPSS
CVE
CVE
•added 2013/11/02 7:0 p.m.•55 views

CVE-2013-3285

The CVE-2013-3285 issue affects EMC NetWorker 8.0.x prior to 8.0.2.3, where the NetWorker Management Console (NMC) using Active Directory/LDAP can allow a remote authenticated user to discover cleartext administrator passwords via NMC audit reports or RAP resource requests. The advisory details t...

3.5CVSS6.5AI score0.00998EPSS
CVE
CVE
•added 2016/06/10 1:0 a.m.•55 views

CVE-2016-0916

EMC NetWorker is affected by CVE-2016-0916. Affected versions are 8.2.1.x and 8.2.2.x before 8.2.2.6, and 9.x before 9.0.0.6. The vulnerability arises from mishandling of authentication, enabling a remote attacker to execute arbitrary commands by leveraging access to a different NetWorker instanc...

10CVSS9.7AI score0.07711EPSS
CVE
CVE
•added 2002/03/15 5:0 a.m.•54 views

CVE-2002-0114

CVE-2002-0114 affects EMC NetWorker (Legato NetWorker) prior to version 7.0, where passwords are stored in plaintext in the daemon.log. This enables local users to gain privileges by reading the password from that file. The description notes the issue was originally reported for Legato NetWorker ...

4.6CVSS6.7AI score0.00371EPSS
CVE
CVE
•added 2013/05/03 10:0 a.m.•54 views

CVE-2013-0940

Summary: CVE-2013-0940 affects the EMC NetWorker client’s nsrpush process. Affected versions: before 7.6.5.3 and 8.x before 8.0.1.4. Root cause: the nsrpush process sets weak permissions on unspecified files, enabling local privilege escalation (via unspecified/unknown vectors). Impact (as stated...

7.2CVSS6.7AI score0.00387EPSS
CVE
CVE
•added 2013/07/31 10:0 a.m.•53 views

CVE-2013-0943

CVE-2013-0943 affects EMC NetWorker 7.6.x and 8.x prior to 8.1. A privileged local user can leverage the nsradmin utility under OS privileges to decrypt data and obtain sensitive configuration information, yielding a confidential data disclosure vulnerability. The root cause centers on how nsradm...

4.6CVSS6AI score0.00302EPSS
CVE
CVE
•added 2015/12/05 2:0 a.m.•53 views

CVE-2015-6849

CVE-2015-6849 affects EMC NetWorker prior to 8.0.4.5, 8.1.x prior to 8.1.3.6, 8.2.x prior to 8.2.2.2, and 9.0 before build 407. The vulnerability is a denial of service caused by improper handling of malformed RPC authentication messages, allowing an unauthenticated, remote attacker to crash the ...

7.8CVSS7.1AI score0.02272EPSS
CVE
CVE
•added 2002/02/02 5:0 a.m.•52 views

CVE-2001-0910

CVE-2001-0910 affects Legato NetWorker prior to 6.1, where remote attackers could bypass access restrictions and gain privileges on the Networker interface by spoofing the admin server name and IP, then connecting from an IP address whose hostname cannot be determined via reverse DNS. The provide...

7.5CVSS6.8AI score0.02443EPSS
CVE
CVE
•added 2002/03/15 5:0 a.m.•50 views

CVE-2002-0113

CVE-2002-0113 concerns EMC NetWorker (formerly Legato NetWorker) before version 7.0. The affected component is the log storage path, where logs are written to “/nsr/logs/” with world-readable permissions, allowing local users to read potentially sensitive information and possibly gain privileges....

4.6CVSS6.1AI score0.00371EPSS
CVE
CVE
•added 2015/04/17 1:0 a.m.•49 views

CVE-2015-0530

EMC NetWorker is affected by a buffer overflow in the nsr_render_log utility that allows local privilege escalation. Affected releases include 8.0.4.3 and earlier, 8.1.x prior to 8.1.2.6, and 8.2.x prior to 8.2.1.2. The root cause is an unsafe function usage in nsr_render_log, enabling local user...

7.2CVSS6.9AI score0.00401EPSS
CVE
CVE
•added 2011/04/22 10:0 a.m.•47 views

CVE-2011-1421

EMC NetWorker 7.5.x (before 7.5.4.3) and 7.6.x (before 7.6.1.5) are affected when the client push feature is enabled. The issue is weak permissions set on an unspecified file, enabling local users to gain elevated privileges. Exploitation details are not provided in the sources. Remediation is to...

6.9CVSS6.7AI score0.00308EPSS
CVE
CVE
•added 2007/03/02 7:0 p.m.•46 views

CVE-2006-3892

The CVE concerns EMC NetWorker Management Console (Legato NetWorker) running version 7.3.2 before Jumbo Update 1, where weak authentication permits remote attackers to execute arbitrary commands. Affected component is the Management Console server; root-equivalent commands could be run on connect...

10CVSS7.4AI score0.04453EPSS
CVE
CVE
•added 2014/10/25 10:0 a.m.•45 views

CVE-2014-4620

CVE-2014-4620 affects EMC NetWorker Module for MEDITECH (NMMEDI) 3.0 builds 87–90. When used with EMC RecoverPoint and Plink, Plink commands print RecoverPoint credentials in clear text to nsrmedisv.raw log files, yielding local information disclosure. Impact is sensitive data exposure in logs. R...

2.1CVSS6AI score0.00535EPSS