ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-8012 | 5.8 |
In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Java Management Extensions (JMX) protocol used to communicate between components in the Alerting and/or Compliance components can be leveraged to create a denial o
|
21-09-2017 - 21:29 | 21-09-2017 - 21:29 | |
CVE-2017-8007 | 6.5 |
In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Webservice Gateway is affected by a directory traversal vulnerability. Attackers with knowledge of Webservice Gateway credentials could potentially exploit this vu
|
21-09-2017 - 21:29 | 21-09-2017 - 21:29 | |
CVE-2017-8011 | 10.0 |
EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R for SAS Solution Packs (EMC ViPR SRM prior to 4.1, EMC Storage M&R prior to 4.1, EMC VNX M&R all versions, EMC M&R (Watch4Net) for SAS Solution Packs all versions) contain undocumented accounts with
|
17-07-2017 - 10:29 | 17-07-2017 - 10:29 | |
CVE-2016-0891 | 6.8 |
Multiple cross-site request forgery (CSRF) vulnerabilities in administrative pages in EMC ViPR SRM before 3.7 allow remote attackers to hijack the authentication of administrators.
|
10-01-2017 - 23:10 | 20-04-2016 - 13:59 | |
CVE-2015-0516 | 4.0 |
Directory traversal vulnerability in EMC M&R (aka Watch4Net) before 6.5u1 and ViPR SRM before 3.6.1 allows remote authenticated users to read arbitrary files via a crafted URL.
|
02-01-2017 - 21:59 | 21-01-2015 - 10:17 | |
CVE-2015-0515 | 6.5 |
Unrestricted file upload vulnerability in EMC M&R (aka Watch4Net) before 6.5u1 and ViPR SRM before 3.6.1 allows remote authenticated users to execute arbitrary code by uploading and then accessing an executable file.
|
02-01-2017 - 21:59 | 21-01-2015 - 10:17 | |
CVE-2015-0514 | 5.0 |
EMC M&R (aka Watch4Net) before 6.5u1 and ViPR SRM before 3.6.1 might allow remote attackers to obtain cleartext data-center discovery credentials by leveraging certain SRM access to conduct a decryption attack.
|
02-01-2017 - 21:59 | 21-01-2015 - 10:17 | |
CVE-2015-0513 | 3.5 |
Multiple cross-site scripting (XSS) vulnerabilities in the administrative user interface in EMC M&R (aka Watch4Net) before 6.5u1 and ViPR SRM before 3.6.1 allow remote authenticated users to inject arbitrary web script or HTML by leveraging privilege
|
02-01-2017 - 21:59 | 21-01-2015 - 10:17 | |
CVE-2016-6647 | 3.5 |
Cross-site scripting (XSS) vulnerability in EMC ViPR SRM before 4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
28-11-2016 - 15:33 | 29-09-2016 - 20:59 | |
CVE-2016-6643 | 4.3 |
Cross-site scripting (XSS) vulnerability in EMC ViPR SRM before 3.7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
28-11-2016 - 15:33 | 17-09-2016 - 22:59 | |
CVE-2016-6642 | 5.8 |
Cross-site request forgery (CSRF) vulnerability in EMC ViPR SRM before 3.7.2 allows remote attackers to hijack the authentication of administrators for requests that upload files.
|
28-11-2016 - 15:33 | 17-09-2016 - 22:59 | |
CVE-2016-6641 | 3.5 |
Cross-site scripting (XSS) vulnerability in EMC ViPR SRM before 3.7.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
28-11-2016 - 15:33 | 17-09-2016 - 22:59 | |
CVE-2016-0922 | 5.0 |
EMC ViPR SRM before 3.7.2 does not restrict the number of password-authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force guessing attack.
|
28-11-2016 - 14:56 | 17-09-2016 - 22:59 |