Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:3158
HistoryApr 13, 2008 - 12:00 a.m.

EMC DiskXtender默认凭据权限提升漏洞

2008-04-1300:00:00
Root
www.seebug.org
10

0.012 Low

EPSS

Percentile

85.0%

JSON

BUGTRAQ ID: 28727
CVE(CAN) ID: CVE-2008-0961

EMC DiskXtender是一款数据备份、迁移套件。

DiskXtender产品的主要组件包括文件系统管理器、MediaStor和证书服务器,这些组件都会创建可能远程访问的RPC端点。由于认证代码中包含有硬编码的登录和口令凭据,因此远程攻击者可以连接到这些RPC接口并使用这些凭据登录来绕过正常的认证过程,获得对DiskXtender服务器的管理访问。

EMC DiskXtender 6.20.60
EMC

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

<a href=“http://www.emc.com/products/family/diskxtender-family.htm” target=“_blank”>http://www.emc.com/products/family/diskxtender-family.htm</a>

Related

prion 1
nvd 1
cve 1
securityvulns 2
cvelist 1
prion
prion
Authentication flaw
2008-04-14 16:05:00
nvd
nvd
CVE-2008-0961
2008-04-14 16:05:00
cve
cve
CVE-2008-0961
2008-04-14 16:05:00
securityvulns
securityvulns
iDefense Security Advisory 04.09.08: EMC DiskXtender Authentication Bypass Vulnerability
2008-04-14 00:00:00
EMC DiskXtender multiple security vulnerabilities
2008-04-14 00:00:00
cvelist
cvelist
CVE-2008-0961
2008-04-14 16:00:00

0.012 Low

EPSS

Percentile

85.0%

JSON
Related for SSV:3158
prion1nvd1cve1securityvulns2cvelist1