Lucene search
K
EmcVplex Geosynchrony

6 matches found

CVE
CVE
added 2014/03/28 7:0 p.m.61 views

CVE-2014-0632

EMC VPLEX GeoSynchrony GUI path traversal vulnerability (CVE-2014-0632) affects GeoSynchrony 4.0–5.2.1; before 5.3, remote authenticated users could trigger arbitrary code execution via unspecified vectors. Root cause is a directory traversal flaw in the VPLEX GUI. Impact is remote code execution...

9CVSS7.5AI score0.04503EPSS
CVE
CVE
added 2014/03/28 7:0 p.m.53 views

CVE-2014-0633

EMC VPLEX GeoSynchrony GUI has a session-timeout validation flaw in versions 4.x and 5.x prior to 5.3, which could allow remote attackers to execute arbitrary code by leveraging an unattended workstation. The issue affects VPLEX GeoSynchrony 4.0–5.2.1, with EMC recommending upgrading to version 5...

7.7CVSS7.9AI score0.00846EPSS
CVE
CVE
added 2014/03/28 7:0 p.m.52 views

CVE-2014-0634

EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 is affected by a Missing HttpOnly attribute in a Set-Cookie header for an unspecified cookie, which could allow remote attackers to access potentially sensitive information via script. Affected products: VPLEX GeoSynchrony 4.0–5.2.1. Root cause: absen...

6CVSS6.3AI score0.00956EPSS
CVE
CVE
added 2014/03/28 7:0 p.m.50 views

CVE-2014-0635

The CVE-2014-0635 entry concerns EMC VPLEX GeoSynchrony. Affected: VPLEX GeoSynchrony versions 4.0–5.2.1. Issue: session fixation allowing remote attackers to hijack web sessions via unspecified vectors. Root cause: not explicitly detailed in the provided documents beyond the existence of a sessi...

7.5CVSS6.8AI score0.01231EPSS
CVE
CVE
added 2015/11/18 11:0 a.m.45 views

CVE-2015-6847

The CVE-2015-6847 entry involves EMC VPLEX GeoSynchrony 5.4 SP1 prior to P3, where the default configuration stores cleartext NAVISPHERE GUI passwords in a log file. This exposes sensitive credentials to local users who can read the log, constituting a local information-disclosure vulnerability. ...

2.1CVSS5.9AI score0.0051EPSS
CVE
CVE
added 2015/12/28 3:0 p.m.44 views

CVE-2015-6850

EMC VPLEX GeoSynchrony 5.4 SP1 before P3 and 5.5 before Patch 1 have a default root password that allows local users to gain privileges by leveraging an active login session. Affected component: root account on GeoSynchrony; root cause: default credential exposed on install; impact: local privile...

8.4CVSS8.3AI score0.00539EPSS