Secure Remote Services@3.02 Security Vulnerabilities and Issues — Secure Remote Services@3.02 CVE List

Lucene search

EmcSecure Remote Services3.02

5 matches found

cve•added 2015/07/05 10:59 a.m.•38 views

CVE-2015-0544

EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 does not properly generate random values for session cookies, which makes it easier for remote attackers to hijack sessions by predicting a value.

9.3CVSS6.8AI score0.0061EPSS

cve•added 2015/03/12 10:59 a.m.•37 views

CVE-2015-0524

SQL injection vulnerability in the Gateway Provisioning service in EMC Secure Remote Services Virtual Edition (ESRS VE) 3.02 and 3.03 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5CVSS8.5AI score0.00432EPSS

cve•added 2015/07/05 10:59 a.m.•37 views

CVE-2015-0543

EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

5.8CVSS6AI score0.00134EPSS

cve•added 2015/03/12 10:59 a.m.•33 views

CVE-2015-0525

The Gateway Provisioning service in EMC Secure Remote Services Virtual Edition (ESRS VE) 3.02 and 3.03 allows remote attackers to execute arbitrary OS commands via unspecified vectors.

7.5CVSS7.8AI score0.01832EPSS

cve•added 2015/12/28 3:59 p.m.•31 views

CVE-2015-6852

Directory traversal vulnerability in the API in EMC Secure Remote Services Virtual Edition 3.x before 3.10 allows remote authenticated users to read log files via a crafted parameter.

4.3CVSS4.2AI score0.00147EPSS