Vulnerabilites related to emc - networker
Vulnerability from fkie_nvd
Published
2016-06-10 01:59
Modified
2025-04-12 10:46
Severity ?
Summary
EMC NetWorker 8.2.1.x and 8.2.2.x before 8.2.2.6 and 9.x before 9.0.0.6 mishandles authentication, which allows remote attackers to execute arbitrary commands by leveraging access to a different NetWorker instance.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security_alert@emc.com | http://seclists.org/bugtraq/2016/Jun/43 | Third Party Advisory | |
| security_alert@emc.com | http://www.securitytracker.com/id/1036075 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/bugtraq/2016/Jun/43 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1036075 | Third Party Advisory, VDB Entry |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:networker:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BD9E4CA-085E-49A9-A3F0-1244561AA85A",
"versionEndIncluding": "8.2.1.8",
"versionStartIncluding": "8.2.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C9DB5A5-2A04-4371-BA9A-5120C8D9EF91",
"versionEndExcluding": "8.2.2.6",
"versionStartIncluding": "8.2.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:*:*:*:*:*:*:*:*",
"matchCriteriaId": "80511F65-61E6-4981-9BF6-C6ED9E9BEB13",
"versionEndExcluding": "9.0.0.6",
"versionStartIncluding": "9.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "EMC NetWorker 8.2.1.x and 8.2.2.x before 8.2.2.6 and 9.x before 9.0.0.6 mishandles authentication, which allows remote attackers to execute arbitrary commands by leveraging access to a different NetWorker instance."
},
{
"lang": "es",
"value": "EMC NetWorker 8.2.1.x y 8.2.2.x en versiones anteriores a 8.2.2.6 y 9.x en versiones anteriores a 9.0.0.6 no maneja adecuadamente la autenticaci\u00f3n, lo que permite a atacantes remotos ejecutar comandos arbitrarios aprovechando el acceso a una instancia de NetWorker diferente."
}
],
"id": "CVE-2016-0916",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-10T01:59:02.817",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Third Party Advisory"
],
"url": "http://seclists.org/bugtraq/2016/Jun/43"
},
{
"source": "security_alert@emc.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036075"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://seclists.org/bugtraq/2016/Jun/43"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036075"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-05 17:29
Modified
2024-11-21 03:14
Severity ?
Summary
An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote authenticated malicious user with low privileges could access arbitrary files on the server file system in the context of the running vulnerable application via Path traversal.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security_alert@emc.com | http://seclists.org/fulldisclosure/2018/Jan/17 | Issue Tracking, Mailing List, Third Party Advisory | |
| security_alert@emc.com | http://www.securityfocus.com/bid/102358 | Third Party Advisory, VDB Entry | |
| security_alert@emc.com | http://www.securitytracker.com/id/1040070 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2018/Jan/17 | Issue Tracking, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/102358 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040070 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| emc | avamar_server | 7.1-21 | |
| emc | avamar_server | 7.1-145 | |
| emc | avamar_server | 7.1-302 | |
| emc | avamar_server | 7.1-370 | |
| emc | avamar_server | 7.2-32 | |
| emc | avamar_server | 7.2-309 | |
| emc | avamar_server | 7.2-401 | |
| emc | avamar_server | 7.3-125 | |
| emc | avamar_server | 7.3-211 | |
| emc | avamar_server | 7.3-226 | |
| emc | avamar_server | 7.3-233 | |
| emc | avamar_server | 7.4-58 | |
| emc | avamar_server | 7.4-242 | |
| emc | avamar_server | 7.5-183 | |
| emc | integrated_data_protection_appliance | 2.0 | |
| emc | networker | 9.0 | |
| emc | networker | 9.1 | |
| emc | networker | 9.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.1-21:sp2:*:*:*:*:*:*",
"matchCriteriaId": "323E56C6-6B78-451F-A80E-041D54099867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.1-145:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2D107C2E-A98C-4242-9491-6E9D77C53AA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.1-302:*:*:*:*:*:*:*",
"matchCriteriaId": "4E873853-D132-4395-8A88-1950741E4020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.1-370:*:*:*:*:*:*:*",
"matchCriteriaId": "5CECC623-D5E1-491A-AE79-890BA83CEF83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.2-32:sp1:*:*:*:*:*:*",
"matchCriteriaId": "0DE64DDE-F009-442D-8287-C2985C7907CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.2-309:*:*:*:*:*:*:*",
"matchCriteriaId": "0E603320-F634-46D0-B3F3-27B43AD853C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.2-401:*:*:*:*:*:*:*",
"matchCriteriaId": "381B1CF4-9A04-419C-97D1-7997E24D78EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.3-125:sp1:*:*:*:*:*:*",
"matchCriteriaId": "F8E173EB-AA44-4C78-AE35-5A61120A3F0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.3-211:*:*:*:*:*:*:*",
"matchCriteriaId": "2D9B1C79-59E3-4FCE-8268-1125E599CE09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.3-226:*:*:*:*:*:*:*",
"matchCriteriaId": "2C79B2E0-E227-4D30-9EC0-6E186C8E1F7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.3-233:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB11FC4-D82F-4F15-A559-1B86D6FD262D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.4-58:sp1:*:*:*:*:*:*",
"matchCriteriaId": "EEE728F4-0944-4526-98A1-2610A94958AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.4-242:*:*:*:*:*:*:*",
"matchCriteriaId": "F72F4EE3-DE40-4F99-8869-DDCA53E8FBE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.5-183:*:*:*:*:*:*:*",
"matchCriteriaId": "3D008A0B-CB0F-4338-811C-02796C31F758",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:integrated_data_protection_appliance:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C8896568-958B-45D3-893B-30E3D9E4ED5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.0:*:*:*:virtual:*:*:*",
"matchCriteriaId": "D4E32F32-86B3-4833-B437-DAA7875637C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.1:*:*:*:virtual:*:*:*",
"matchCriteriaId": "C8608852-5E06-45F1-86F5-EB5E77E6D699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.2:*:*:*:virtual:*:*:*",
"matchCriteriaId": "2D056AFC-8E7B-454D-A190-178ECA69D379",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote authenticated malicious user with low privileges could access arbitrary files on the server file system in the context of the running vulnerable application via Path traversal."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x y EMC Integrated Data Protection Appliance 2.0. Un usuario autenticado remoto malicioso con bajos privilegios podr\u00eda acceder a archivos arbitrarios en el sistema de archivos del servidor en el contexto de la aplicaci\u00f3n vulnerable en ejecuci\u00f3n mediante un salto de directorio."
}
],
"id": "CVE-2017-15550",
"lastModified": "2024-11-21T03:14:45.347",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-05T17:29:00.300",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2018/Jan/17"
},
{
"source": "security_alert@emc.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102358"
},
{
"source": "security_alert@emc.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2018/Jan/17"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102358"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040070"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-10-25 10:55
Modified
2025-04-12 10:46
Severity ?
Summary
The EMC NetWorker Module for MEDITECH (aka NMMEDI) 3.0 build 87 through 90, when EMC RecoverPoint and Plink are used, stores cleartext RecoverPoint Appliance credentials in nsrmedisv.raw log files, which allows local users to obtain sensitive information by reading these files.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:meditech:meditech:3.0:87:*:*:*:*:*:*",
"matchCriteriaId": "E0C60C50-0F94-42C1-8A5E-4619A246DFA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:meditech:meditech:3.0:90:*:*:*:*:*:*",
"matchCriteriaId": "AE45304B-075F-4F4E-9405-B641A27BC8CA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:networker:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4DAF0D5-7EFF-4F23-BAC4-04F8749E400A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The EMC NetWorker Module for MEDITECH (aka NMMEDI) 3.0 build 87 through 90, when EMC RecoverPoint and Plink are used, stores cleartext RecoverPoint Appliance credentials in nsrmedisv.raw log files, which allows local users to obtain sensitive information by reading these files."
},
{
"lang": "es",
"value": "El m\u00f3dulo EMC NetWorker para MEDITECH (tambi\u00e9n conocido como NMMEDI) 3.0 build 87 hasta 90, cuando se utiliza EMC RecoverPoint y Plink, almacena las credenciales RecoverPoint Appliance en texto plano en ficheros del registro nsrmedisv.raw, lo que permite a usuarios locales obtener informaci\u00f3n sensible mediante la lectura de estos ficheros."
}
],
"id": "CVE-2014-4620",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-10-25T10:55:06.023",
"references": [
{
"source": "security_alert@emc.com",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0145.html"
},
{
"source": "security_alert@emc.com",
"url": "http://packetstormsecurity.com/files/128841/EMC-NetWorker-Module-For-MEDITECH-NMMEDI-Information-Disclosure.html"
},
{
"source": "security_alert@emc.com",
"url": "http://secunia.com/advisories/61952"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securityfocus.com/bid/70726"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securitytracker.com/id/1031116"
},
{
"source": "security_alert@emc.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0145.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/128841/EMC-NetWorker-Module-For-MEDITECH-NMMEDI-Information-Disclosure.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61952"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/70726"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1031116"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97756"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-01-17 22:55
Modified
2025-04-11 00:51
Severity ?
Summary
Buffer overflow in nsrindexd in EMC NetWorker 7.5.x and 7.6.x before 7.6.5, and 8.x before 8.0.0.6, allows remote attackers to execute arbitrary code via crafted SunRPC data.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:networker:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF82110-E275-4746-9BCF-C46CE01A5EA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5:sp1:*:*:*:*:*:*",
"matchCriteriaId": "1F7DF3A1-75E4-416B-9346-90629EB85E07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5A3FE44D-0C02-41B7-985F-A79B858221AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5:sp3:*:*:*:*:*:*",
"matchCriteriaId": "8215A765-566D-4761-9C97-68F64675B45A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B5B48E6E-E5C8-4C1A-BAB5-5BE136B611E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FF03F62F-1633-405A-8B08-D5F7145A7174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C7271CDF-1D20-4942-A32C-39C1FDC2D265",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3436A42F-F1DF-4FFD-877A-308057A5F8C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A1A23D19-38B0-46A8-A26C-3250632D6E4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "64F9AE15-2B14-4D76-83C2-0A7125F16D4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA7C510-9011-4CAE-A270-F730308BF239",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6105BB6A-22C4-4725-848A-281A7BF79725",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD5FA049-FAE2-498D-BE11-213C55872BAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2EA36CB9-307F-44B8-8CA0-41BDFE2F14FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "17DE514C-CFCB-429B-B512-214310A80611",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D64B74C8-38FD-4D28-950F-C3F2DE942980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "73C726F9-6433-4236-8C57-D4232458B955",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "010991D9-9112-4B8B-8DE0-58ECF49A44F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F88FD06-F318-4576-BE8F-4494C217F814",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1420E7-90F4-43DC-AA5A-91B34870DF53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "013A475A-C422-4252-ABC9-EA6C0ADE14D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7F0E63B8-318A-46A1-AAC0-6DB8F126EB6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E0C14E6F-0688-4604-8318-25EBFC7642EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:networker:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "72846905-B210-4FC5-9B33-44901DEEFE37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6:sp1:*:*:*:*:*:*",
"matchCriteriaId": "89324C33-21D3-463A-9C52-C495F3DC3CD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6:sp2:*:*:*:*:*:*",
"matchCriteriaId": "C13D9451-34DA-42FA-BC1E-2AEBB903B480",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D87038FD-8115-4024-AB82-EFB0EF5B1C98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "985DDA57-DA2C-4EC7-BD42-F0B5E190DBF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D2CFD5DF-BCD0-46C6-B18E-60465A6318BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D68C4BE8-A053-46F3-B9F3-DDE3451F30B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2335F8A5-30E3-4452-8FFA-1ED185917313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A22B0B-E8C4-47AB-B276-E8E38BDDE818",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA7C02D-DA10-4B9D-83C9-98BBE81E6166",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "121F391B-295D-4684-A7F4-C91C57033532",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2B8771B6-D668-47B7-B114-E6E111A2A322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4D8BE130-4CA6-4690-AB01-59A50EB8B997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ECE180DF-44A3-49FA-865E-774D51E2F574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2EFDC5AA-A5F9-4F98-88CA-E83323C26255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "731868F9-F611-442B-85B6-8E5C7A963DBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E27C64B9-83B9-44D9-A3FA-3B93867B086C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "ADBD90BD-A1F7-45D6-9BD3-19AF88FD6087",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BEF6BADD-1761-4F58-8FE6-34824D36A42A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4DB455DF-F7F5-4534-A854-BB61604DDD5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FEE098A5-18F8-43F1-967D-5FB1A4213BAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6C4DA434-8078-4E3D-84C9-6338B6860CE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B0A517A5-86EC-4ACD-9120-9855FD4A66F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "945BBBE4-ACC1-4FD9-9147-2C3AD6AEBAD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:networker:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "83625C74-9A2C-406D-A72F-98057C626180",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C918819-AE64-4C02-BDFD-44A7950260E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D67F8C96-D9A8-4EBC-909D-8D5076F72C5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5D89D53E-767D-43D6-822A-418297C7349C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B59F4C75-D6C7-4D9F-A3B5-311DA1D59F25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E3601F4F-FAA4-4B88-8B39-3E8DCCDC621F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in nsrindexd in EMC NetWorker 7.5.x and 7.6.x before 7.6.5, and 8.x before 8.0.0.6, allows remote attackers to execute arbitrary code via crafted SunRPC data."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer en nsrindexd en EMC NetWorker v7.5.x y v7.6.x antes de v7.6.5 y v8.x antes de v8.0.0.6, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de datos SunRPC hechos a mano."
}
],
"id": "CVE-2012-4607",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-01-17T22:55:00.887",
"references": [
{
"source": "security_alert@emc.com",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-01/0029.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-01/0029.html"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-03-25 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
EMC NetWorker (formerly Legato NetWorker) before 7.0 stores log files in the /nsr/logs/ directory with world-readable permissions, which allows local users to read sensitive information and possibly gain privileges. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:networker:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6EE54B84-3CA1-490B-9D0C-A3C3C872D2B5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "EMC NetWorker (formerly Legato NetWorker) before 7.0 stores log files in the /nsr/logs/ directory with world-readable permissions, which allows local users to read sensitive information and possibly gain privileges. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform."
},
{
"lang": "es",
"value": "Legato Networker 6.1 almacena ficheros de registro en el directorio /nsr/logs/ con permisos de lectura para todos los usuarios, lo que permite a usuarios locales leer informaci\u00f3n sensible y posiblemente ganar privilegios."
}
],
"id": "CVE-2002-0113",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-03-25T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://online.securityfocus.com/archive/1/249420"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/7897.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/3840"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://online.securityfocus.com/archive/1/249420"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/7897.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/3840"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-04-22 10:55
Modified
2025-04-11 00:51
Severity ?
Summary
EMC NetWorker 7.5.x before 7.5.4.3 and 7.6.x before 7.6.1.5, when the client push feature is enabled, uses weak permissions for an unspecified file, which allows local users to gain privileges via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| emc | networker | 7.5.2.0 | |
| emc | networker | 7.5.2.1 | |
| emc | networker | 7.5.2.2 | |
| emc | networker | 7.5.2.3 | |
| emc | networker | 7.5.2.4 | |
| emc | networker | 7.5.3 | |
| emc | networker | 7.5.3.1 | |
| emc | networker | 7.5.3.2 | |
| emc | networker | 7.5.3.3 | |
| emc | networker | 7.5.3.4 | |
| emc | networker | 7.5.3.5 | |
| emc | networker | 7.5.4 | |
| emc | networker | 7.5.4.1 | |
| emc | networker | 7.5.4.2 | |
| emc | networker | 7.6 | |
| emc | networker | 7.6 | |
| emc | networker | 7.6.0.2 | |
| emc | networker | 7.6.0.3 | |
| emc | networker | 7.6.0.4 | |
| emc | networker | 7.6.0.5 | |
| emc | networker | 7.6.0.6 | |
| emc | networker | 7.6.0.7 | |
| emc | networker | 7.6.0.8 | |
| emc | networker | 7.6.0.9 | |
| emc | networker | 7.6.1 | |
| emc | networker | 7.6.1.1 | |
| emc | networker | 7.6.1.2 | |
| emc | networker | 7.6.1.3 | |
| emc | networker | 7.6.1.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:networker:7.5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B5B48E6E-E5C8-4C1A-BAB5-5BE136B611E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FF03F62F-1633-405A-8B08-D5F7145A7174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C7271CDF-1D20-4942-A32C-39C1FDC2D265",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3436A42F-F1DF-4FFD-877A-308057A5F8C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A1A23D19-38B0-46A8-A26C-3250632D6E4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "64F9AE15-2B14-4D76-83C2-0A7125F16D4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA7C510-9011-4CAE-A270-F730308BF239",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6105BB6A-22C4-4725-848A-281A7BF79725",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD5FA049-FAE2-498D-BE11-213C55872BAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2EA36CB9-307F-44B8-8CA0-41BDFE2F14FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "17DE514C-CFCB-429B-B512-214310A80611",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D64B74C8-38FD-4D28-950F-C3F2DE942980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "73C726F9-6433-4236-8C57-D4232458B955",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "010991D9-9112-4B8B-8DE0-58ECF49A44F6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:networker:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "72846905-B210-4FC5-9B33-44901DEEFE37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6:sp1:*:*:*:*:*:*",
"matchCriteriaId": "89324C33-21D3-463A-9C52-C495F3DC3CD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D87038FD-8115-4024-AB82-EFB0EF5B1C98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "985DDA57-DA2C-4EC7-BD42-F0B5E190DBF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D2CFD5DF-BCD0-46C6-B18E-60465A6318BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D68C4BE8-A053-46F3-B9F3-DDE3451F30B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2335F8A5-30E3-4452-8FFA-1ED185917313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A22B0B-E8C4-47AB-B276-E8E38BDDE818",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA7C02D-DA10-4B9D-83C9-98BBE81E6166",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "121F391B-295D-4684-A7F4-C91C57033532",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2B8771B6-D668-47B7-B114-E6E111A2A322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4D8BE130-4CA6-4690-AB01-59A50EB8B997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ECE180DF-44A3-49FA-865E-774D51E2F574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2EFDC5AA-A5F9-4F98-88CA-E83323C26255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "731868F9-F611-442B-85B6-8E5C7A963DBA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "EMC NetWorker 7.5.x before 7.5.4.3 and 7.6.x before 7.6.1.5, when the client push feature is enabled, uses weak permissions for an unspecified file, which allows local users to gain privileges via unknown vectors."
},
{
"lang": "es",
"value": "EMC NetWorker v7.5.x anterior a v7.5.4.3 y v7.6.x anterior a v7.6.1.5, cuando la funci\u00f3n Client Push cliente est\u00e1 habilitada, utiliza permisos d\u00e9biles para un archivo no especificado, lo que permite a usuarios locales conseguir privilegios a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2011-1421",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-04-22T10:55:02.110",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/44237"
},
{
"source": "security_alert@emc.com",
"url": "http://securityreason.com/securityalert/8214"
},
{
"source": "security_alert@emc.com",
"url": "http://securitytracker.com/id?1025383"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securityfocus.com/archive/1/517532/100/0/threaded"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securityfocus.com/bid/47410"
},
{
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/1025"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/44237"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/8214"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1025383"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/517532/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/47410"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/1025"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-18 15:29
Modified
2025-04-20 01:37
Severity ?
Summary
An issue was discovered in EMC NetWorker (prior to 8.2.4.9, all supported 9.0.x versions, prior to 9.1.1.3, prior to 9.2.0.4). The Server service (nsrd) is affected by a buffer overflow vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to execute arbitrary code on vulnerable installations of the software, or cause a denial of service, depending on the target system's platform.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security_alert@emc.com | http://seclists.org/fulldisclosure/2017/Oct/35 | Mailing List, Third Party Advisory | |
| security_alert@emc.com | http://www.securitytracker.com/id/1039583 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2017/Oct/35 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039583 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| emc | networker | * | |
| emc | networker | 9.0.0.3 | |
| emc | networker | 9.0.0.4 | |
| emc | networker | 9.0.0.5 | |
| emc | networker | 9.0.0.6 | |
| emc | networker | 9.0.0.7 | |
| emc | networker | 9.0.0.8 | |
| emc | networker | 9.0.1.1 | |
| emc | networker | 9.0.1.2 | |
| emc | networker | 9.0.1.3 | |
| emc | networker | 9.0.1.4 | |
| emc | networker | 9.0.1.5 | |
| emc | networker | 9.0.1.6 | |
| emc | networker | 9.0.1.7 | |
| emc | networker | 9.0.1.8 | |
| emc | networker | 9.0.1.9 | |
| emc | networker | 9.1.0.3 | |
| emc | networker | 9.1.0.4 | |
| emc | networker | 9.1.0.5 | |
| emc | networker | 9.1.0.6 | |
| emc | networker | 9.1.1.1 | |
| emc | networker | 9.1.1.2 | |
| emc | networker | 9.2.0.1 | |
| emc | networker | 9.2.0.2 | |
| emc | networker | 9.2.0.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:networker:*:*:*:*:*:*:*:*",
"matchCriteriaId": "504CDC85-F6DE-4995-B19E-4E29D0B004A0",
"versionEndIncluding": "8.2.4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "320CDE7C-254C-465E-AB1C-EB2705098A24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "973EACF3-9A27-4384-A32B-AF3C94E2C016",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "69A694E8-43C7-4521-BB4F-69874553F495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D8D29803-7F5B-4A55-AE34-B77B49AAB3FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "643079B8-7074-40DB-A8CC-D15E8408E34E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.0.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B4282310-F646-485D-82F3-26D5F545A999",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "922E6EAD-B2EE-4593-8B92-0496FFB7E40F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3193D3-5B8F-4D6B-9904-29F231D48574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BB6F04FD-B8B7-4A44-B0F1-F6E999E66937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0F604839-43F3-4F85-B45E-EE63924E1A9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "38C00A1A-2E11-45D7-9E83-D64F24F81299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E6DF1A99-B5D8-46C4-A291-D3CB55A95E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.0.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "80A9C4B4-CE28-45A8-93DD-9CD833082237",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.0.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C648EF3C-1C68-4A6E-A9F4-C0EE10FDE9F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.0.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "E715F74F-EEE5-45AB-B7D0-FEBB23F029CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E2870EA3-D157-4584-9052-D8BD84FBFB45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BAC60D-694D-4D82-B8F8-3E12F7B54DB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1740DEF3-E880-4D0A-8FB3-919108AC79CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A3DF4BA6-AD34-48E2-80ED-1FD60ABD41C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA35C1C-42F8-4DDF-B946-23BB751E8BBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03FF8B7F-4E88-4903-87BC-9381BE7753A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B01B7004-6EC2-4D97-B416-9F878C8BBB33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3C26184C-AC7A-4B13-8774-8F5385D3487A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "91E05EA1-EBD2-4A56-A0DF-670442FCDD2F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in EMC NetWorker (prior to 8.2.4.9, all supported 9.0.x versions, prior to 9.1.1.3, prior to 9.2.0.4). The Server service (nsrd) is affected by a buffer overflow vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to execute arbitrary code on vulnerable installations of the software, or cause a denial of service, depending on the target system\u0027s platform."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en EMC NetWorker (versiones anteriores a la 8.2.4.9, todas las versiones 9.0.x con soporte, las anteriores a la 9.1.1.3 y las anteriores a la 9.2.0.4). El servicio Server (nsrd) se ha visto afectado por una vulnerabilidad de desbordamiento de b\u00fafer. Un atacante remoto no autenticado podr\u00eda explotar esta vulnerabilidad para ejecutar c\u00f3digo arbitrario en instalaciones vulnerables del software o provocar una denegaci\u00f3n de servicio, dependiendo de la plataforma del sistema objetivo."
}
],
"id": "CVE-2017-8022",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-18T15:29:00.737",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2017/Oct/35"
},
{
"source": "security_alert@emc.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039583"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2017/Oct/35"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039583"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-03-25 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
EMC NetWorker (formerly Legato NetWorker) before 7.0 stores passwords in plaintext in the daemon.log file, which allows local users to gain privileges by reading the password from the file. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:networker:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6EE54B84-3CA1-490B-9D0C-A3C3C872D2B5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "EMC NetWorker (formerly Legato NetWorker) before 7.0 stores passwords in plaintext in the daemon.log file, which allows local users to gain privileges by reading the password from the file. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform."
},
{
"lang": "es",
"value": "Legato NetWorker 6.1 almacena passwords en texto plano en el fichero daemon.log que permite a usuarios locales tomar privilegios leyendo las passwords del fichero."
}
],
"id": "CVE-2002-0114",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-03-25T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://online.securityfocus.com/archive/1/249420"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/7898.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/3842"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://online.securityfocus.com/archive/1/249420"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/7898.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/3842"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-04-17 01:59
Modified
2025-04-12 10:46
Severity ?
Summary
Buffer overflow in an unspecified function in nsr_render_log in EMC NetWorker before 8.0.4.3, 8.1.x before 8.1.2.6, and 8.2.x before 8.2.1.2 allows local users to gain privileges via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| emc | networker | * | |
| emc | networker | 8.1.0.0 | |
| emc | networker | 8.1.0.1 | |
| emc | networker | 8.1.0.2 | |
| emc | networker | 8.1.0.3 | |
| emc | networker | 8.1.0.4 | |
| emc | networker | 8.1.0.5 | |
| emc | networker | 8.1.1.0 | |
| emc | networker | 8.1.1.1 | |
| emc | networker | 8.1.1.2 | |
| emc | networker | 8.1.1.3 | |
| emc | networker | 8.1.1.4 | |
| emc | networker | 8.1.1.5 | |
| emc | networker | 8.1.1.6 | |
| emc | networker | 8.1.1.7 | |
| emc | networker | 8.1.1.8 | |
| emc | networker | 8.1.1.9 | |
| emc | networker | 8.1.2.0 | |
| emc | networker | 8.1.2.1 | |
| emc | networker | 8.1.2.2 | |
| emc | networker | 8.1.2.3 | |
| emc | networker | 8.1.2.4 | |
| emc | networker | 8.1.2.5 | |
| emc | networker | 8.2.0.0 | |
| emc | networker | 8.2.0.1 | |
| emc | networker | 8.2.0.2 | |
| emc | networker | 8.2.0.3 | |
| emc | networker | 8.2.0.4 | |
| emc | networker | 8.2.0.5 | |
| emc | networker | 8.2.0.6 | |
| emc | networker | 8.2.1.0 | |
| emc | networker | 8.2.1.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:networker:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2F91BE7-2B6A-4E6C-B2E7-0C3A06E56C58",
"versionEndIncluding": "8.0.4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F38B4D5D-C2F6-45A2-965D-73DECCF094AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8314DE-3BA0-4A54-AEA2-A2666961E82D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9424A33B-8A88-41A0-9399-A7201EE75A21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8D6B0E4D-0358-4A1D-9BE5-1840E2D7585A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8D386E51-02E1-4BA8-AFD7-BE6EFAFC0082",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7832B1E1-6367-4D7C-B1A1-0517EB169378",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FD1A7FCF-5029-41BC-815D-D7089C75A195",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6EA7A0E-F89B-495F-946B-BE4C773CF475",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "61CD2EED-A21C-4CE1-8621-626C3723D65F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "25933657-2494-419B-9BA0-E4489B357A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2F3F38D0-3B95-450F-A212-208473D624D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B8756020-C00B-4035-97AB-B4AA6445342F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FE473613-EF12-4E31-87D7-C96E9CADE4B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3534CB1D-99B1-4D22-985E-AC4823A74CB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E03DDF1E-ACB7-4537-9E3F-6562D684D100",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C7283326-D640-4F93-9C48-F8847A49435F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EB1594CC-8F3F-4F54-AF21-D6D1E01B71FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F104816B-1F99-4F01-BDC9-6FB5C0B0C580",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E0DA1C36-6B73-4DA2-B10F-476BB4D75568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "70E3A734-DE86-46C5-B713-AECEA6FDAF93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "55F82679-EA1D-4D15-8A63-8EBC7EA5E62B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "07413EC7-5A1E-464F-B07D-A03552C5758B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "323F4339-8BDE-4CEF-9151-2089F901897E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "25E35791-8E1D-4EAF-90EE-49CD9E4369E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "06BCB990-3485-4B25-8B36-E3B4060D5857",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A555D471-D194-4CD9-871E-3F15C33593B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4988DB2B-8920-42A0-BBB2-F1C710BAA197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D5472494-CC1F-473C-8BF9-622CF068B6B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "4C06B8B2-D377-4AEE-8660-DA757F23A0BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92AAC072-3EFF-4709-A046-3F4CD82D8CC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1844D405-90D6-4E70-9016-F58EAC784B9D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in an unspecified function in nsr_render_log in EMC NetWorker before 8.0.4.3, 8.1.x before 8.1.2.6, and 8.2.x before 8.2.1.2 allows local users to gain privileges via unknown vectors."
},
{
"lang": "es",
"value": "Desbordamiento de buffer en una funci\u00f3n no especificada en nsr_render_log en EMC NetWorker anterior a 8.0.4.3, 8.1.x anterior a 8.1.2.6, y 8.2.x anterior a 8.2.1.2 permite a usuarios locales ganar privilegios a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2015-0530",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-04-17T01:59:24.543",
"references": [
{
"source": "security_alert@emc.com",
"url": "http://seclists.org/bugtraq/2015/Apr/103"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securitytracker.com/id/1032147"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/bugtraq/2015/Apr/103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032147"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-11-21 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Legato Networker before 6.1 allows remote attackers to bypass access restrictions and gain privileges on the Networker interface by spoofing the admin server name and IP address and connecting to Networker from an IP address whose hostname can not be determined by a DNS reverse lookup.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:networker:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5967C58A-D318-466D-9370-222FE7034B2D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Legato Networker before 6.1 allows remote attackers to bypass access restrictions and gain privileges on the Networker interface by spoofing the admin server name and IP address and connecting to Networker from an IP address whose hostname can not be determined by a DNS reverse lookup."
}
],
"id": "CVE-2001-0910",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-11-21T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=100638782917917\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/3564"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7601"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=100638782917917\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/3564"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7601"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-01-27 00:55
Modified
2025-04-11 00:51
Severity ?
Summary
Buffer overflow in the server in EMC NetWorker 7.5.x and 7.6.x before 7.6.3 SP1 Cumulative Release build 851 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| emc | networker | 7.5 | |
| emc | networker | 7.5 | |
| emc | networker | 7.5 | |
| emc | networker | 7.5 | |
| emc | networker | 7.5.2.0 | |
| emc | networker | 7.5.2.1 | |
| emc | networker | 7.5.2.2 | |
| emc | networker | 7.5.2.3 | |
| emc | networker | 7.5.2.4 | |
| emc | networker | 7.5.3 | |
| emc | networker | 7.5.3.1 | |
| emc | networker | 7.5.3.2 | |
| emc | networker | 7.5.3.3 | |
| emc | networker | 7.5.3.4 | |
| emc | networker | 7.5.3.5 | |
| emc | networker | 7.5.4 | |
| emc | networker | 7.5.4.1 | |
| emc | networker | 7.5.4.2 | |
| emc | networker | 7.5.4.3 | |
| emc | networker | 7.6 | |
| emc | networker | 7.6 | |
| emc | networker | 7.6 | |
| emc | networker | 7.6.0.2 | |
| emc | networker | 7.6.0.3 | |
| emc | networker | 7.6.0.4 | |
| emc | networker | 7.6.0.5 | |
| emc | networker | 7.6.0.6 | |
| emc | networker | 7.6.0.7 | |
| emc | networker | 7.6.0.8 | |
| emc | networker | 7.6.0.9 | |
| emc | networker | 7.6.1 | |
| emc | networker | 7.6.1.1 | |
| emc | networker | 7.6.1.2 | |
| emc | networker | 7.6.1.3 | |
| emc | networker | 7.6.1.4 | |
| emc | networker | 7.6.1.5 | |
| emc | networker | 7.6.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:networker:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF82110-E275-4746-9BCF-C46CE01A5EA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5:sp1:*:*:*:*:*:*",
"matchCriteriaId": "1F7DF3A1-75E4-416B-9346-90629EB85E07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5A3FE44D-0C02-41B7-985F-A79B858221AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5:sp3:*:*:*:*:*:*",
"matchCriteriaId": "8215A765-566D-4761-9C97-68F64675B45A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B5B48E6E-E5C8-4C1A-BAB5-5BE136B611E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FF03F62F-1633-405A-8B08-D5F7145A7174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C7271CDF-1D20-4942-A32C-39C1FDC2D265",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3436A42F-F1DF-4FFD-877A-308057A5F8C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A1A23D19-38B0-46A8-A26C-3250632D6E4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "64F9AE15-2B14-4D76-83C2-0A7125F16D4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA7C510-9011-4CAE-A270-F730308BF239",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6105BB6A-22C4-4725-848A-281A7BF79725",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD5FA049-FAE2-498D-BE11-213C55872BAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2EA36CB9-307F-44B8-8CA0-41BDFE2F14FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "17DE514C-CFCB-429B-B512-214310A80611",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D64B74C8-38FD-4D28-950F-C3F2DE942980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "73C726F9-6433-4236-8C57-D4232458B955",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "010991D9-9112-4B8B-8DE0-58ECF49A44F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F88FD06-F318-4576-BE8F-4494C217F814",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "72846905-B210-4FC5-9B33-44901DEEFE37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6:sp1:*:*:*:*:*:*",
"matchCriteriaId": "89324C33-21D3-463A-9C52-C495F3DC3CD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6:sp2:*:*:*:*:*:*",
"matchCriteriaId": "C13D9451-34DA-42FA-BC1E-2AEBB903B480",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D87038FD-8115-4024-AB82-EFB0EF5B1C98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "985DDA57-DA2C-4EC7-BD42-F0B5E190DBF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D2CFD5DF-BCD0-46C6-B18E-60465A6318BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D68C4BE8-A053-46F3-B9F3-DDE3451F30B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2335F8A5-30E3-4452-8FFA-1ED185917313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A22B0B-E8C4-47AB-B276-E8E38BDDE818",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA7C02D-DA10-4B9D-83C9-98BBE81E6166",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "121F391B-295D-4684-A7F4-C91C57033532",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2B8771B6-D668-47B7-B114-E6E111A2A322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4D8BE130-4CA6-4690-AB01-59A50EB8B997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ECE180DF-44A3-49FA-865E-774D51E2F574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2EFDC5AA-A5F9-4F98-88CA-E83323C26255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "731868F9-F611-442B-85B6-8E5C7A963DBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E27C64B9-83B9-44D9-A3FA-3B93867B086C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "ADBD90BD-A1F7-45D6-9BD3-19AF88FD6087",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the server in EMC NetWorker 7.5.x and 7.6.x before 7.6.3 SP1 Cumulative Release build 851 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el servidor en EMC NetWorker v7.5.x y v7.6.x anterior a v7.6.3 SP1 Cumulative Release 851 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del demonio) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2012-0395",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-01-27T00:55:01.097",
"references": [
{
"source": "security_alert@emc.com",
"url": "http://www.securityfocus.com/archive/1/521374"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/521374"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-11-02 19:55
Modified
2025-04-11 00:51
Severity ?
Summary
The NetWorker Management Console (NMC) in EMC NetWorker 8.0.x before 8.0.2.3, when using Active Directory/LDAP for authentication, allows remote authenticated users to discover cleartext administrator passwords via (1) unspecified NMC audit reports or (2) requests to RAP resources.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| emc | networker | 8.0 | |
| emc | networker | 8.0.0.1 | |
| emc | networker | 8.0.0.2 | |
| emc | networker | 8.0.0.3 | |
| emc | networker | 8.0.0.4 | |
| emc | networker | 8.0.0.5 | |
| emc | networker | 8.0.0.6 | |
| emc | networker | 8.0.1.3 | |
| emc | networker | 8.0.1.4 | |
| emc | networker | 8.0.1.5 | |
| emc | networker | 8.0.1.6 | |
| emc | networker | 8.0.2.0 | |
| emc | networker | 8.0.2.1 | |
| emc | networker | 8.0.2.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:networker:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "83625C74-9A2C-406D-A72F-98057C626180",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C918819-AE64-4C02-BDFD-44A7950260E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D67F8C96-D9A8-4EBC-909D-8D5076F72C5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5D89D53E-767D-43D6-822A-418297C7349C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B59F4C75-D6C7-4D9F-A3B5-311DA1D59F25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E3601F4F-FAA4-4B88-8B39-3E8DCCDC621F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "408E3FBD-64BF-4E37-9FA2-C9FC69A2D5F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0A95340F-8259-4471-A288-3046D67EDE5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "87F69CAF-0E54-45EF-9063-6FDCFA2A0BD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A990F8EA-B69D-458B-8433-41BA5118D57B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3875F1DF-21A9-4F50-8F01-D55AFD725094",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C9084EB-5D75-477D-AF31-BDC174B1A23C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A851B4E-C9CB-4580-BFD9-4A28EA9E3859",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2C1185F7-6BEB-4546-9452-10CCBD509A48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The NetWorker Management Console (NMC) in EMC NetWorker 8.0.x before 8.0.2.3, when using Active Directory/LDAP for authentication, allows remote authenticated users to discover cleartext administrator passwords via (1) unspecified NMC audit reports or (2) requests to RAP resources."
},
{
"lang": "es",
"value": "La NetWorker Management Console (NMC) de EMC NetWorker 8.0.x anterior a 8.0.2.3, cuando se utiliza Active Directory/LDAP para la autenticaci\u00f3n, permite a los usuarios remotos autenticados descubrir las contrase\u00f1as de administrador en texto plano a trav\u00e9s de (1) los informes de auditor\u00eda NMC sin especificar o (2) las solicitudes de recursos RAP."
}
],
"id": "CVE-2013-3285",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-11-02T19:55:04.460",
"references": [
{
"source": "security_alert@emc.com",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-10/0150.html"
},
{
"source": "security_alert@emc.com",
"url": "http://osvdb.org/99067"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securityfocus.com/bid/63402"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securitytracker.com/id/1029265"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-10/0150.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/99067"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/63402"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1029265"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-02-01 18:00
Modified
2025-04-11 00:51
Severity ?
Summary
librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to (1) register or (2) unregister RPC services, and consequently cause a denial of service or obtain sensitive information from interprocess communication, via crafted UDP packets containing service commands.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| emc | networker | * | |
| emc | networker | 6.0 | |
| emc | networker | 6.1 | |
| emc | networker | 7.0 | |
| emc | networker | 7.2 | |
| emc | networker | 7.3 | |
| emc | networker | 7.4 | |
| emc | networker | 7.4 | |
| emc | networker | 7.4 | |
| emc | networker | 7.4 | |
| emc | networker | 7.4 | |
| emc | networker | 7.4 | |
| emc | networker | 7.5 | |
| emc | networker | 7.5 | |
| emc | networker | 7.5 | |
| emc | networker | 7.5.3.1 | |
| emc | networker | 7.5.3.2 | |
| emc | networker | 7.5.3.3 | |
| emc | networker | 7.5.3.4 | |
| emc | networker | 7.6.0.2 | |
| emc | networker | 7.6.0.3 | |
| emc | networker | 7.6.0.4 | |
| emc | networker | 7.6.0.5 | |
| emc | networker | 7.6.0.6 | |
| emc | networker | 7.6.0.7 | |
| emc | networker | 7.6.0.8 | |
| emc | networker | 7.6.0.9 | |
| emc | networker | 7.6.1.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:networker:*:sp3:*:*:*:*:*:*",
"matchCriteriaId": "3A0B08EF-3440-4BE8-93AA-2EB530DA0ABB",
"versionEndIncluding": "7.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5967C58A-D318-466D-9370-222FE7034B2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6EE54B84-3CA1-490B-9D0C-A3C3C872D2B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D2271AE-769D-4A3A-8821-22F22B6018C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "76F59763-C87A-48A4-890D-B17EAEA6EF0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "10954E1B-09A1-4F0A-A2EF-BEDE3B6CE7AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "33F952DA-3037-4F76-B874-E63F3F280B7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.4:sp1:*:*:*:*:*:*",
"matchCriteriaId": "A6320CF7-A074-429C-A4C2-7D3F7E19A49F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.4:sp2:*:*:*:*:*:*",
"matchCriteriaId": "6E8C849D-24D2-495E-997A-789FC9D7D56C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.4:sp3:*:*:*:*:*:*",
"matchCriteriaId": "A65D81EE-FC19-40BE-B9E4-44F2A99D60AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.4:sp4:*:*:*:*:*:*",
"matchCriteriaId": "B5262837-70E0-4F10-8367-4F85DB17B67B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.4:sp5:*:*:*:*:*:*",
"matchCriteriaId": "B23031B3-799A-47E0-B6A7-3B3C103ED08F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF82110-E275-4746-9BCF-C46CE01A5EA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5:sp1:*:*:*:*:*:*",
"matchCriteriaId": "1F7DF3A1-75E4-416B-9346-90629EB85E07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5A3FE44D-0C02-41B7-985F-A79B858221AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:networker:7.5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA7C510-9011-4CAE-A270-F730308BF239",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6105BB6A-22C4-4725-848A-281A7BF79725",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD5FA049-FAE2-498D-BE11-213C55872BAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2EA36CB9-307F-44B8-8CA0-41BDFE2F14FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D87038FD-8115-4024-AB82-EFB0EF5B1C98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "985DDA57-DA2C-4EC7-BD42-F0B5E190DBF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D2CFD5DF-BCD0-46C6-B18E-60465A6318BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D68C4BE8-A053-46F3-B9F3-DDE3451F30B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2335F8A5-30E3-4452-8FFA-1ED185917313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A22B0B-E8C4-47AB-B276-E8E38BDDE818",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA7C02D-DA10-4B9D-83C9-98BBE81E6166",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "121F391B-295D-4684-A7F4-C91C57033532",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4D8BE130-4CA6-4690-AB01-59A50EB8B997",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to (1) register or (2) unregister RPC services, and consequently cause a denial of service or obtain sensitive information from interprocess communication, via crafted UDP packets containing service commands."
},
{
"lang": "es",
"value": "librpc.dll en nsrexecd de EMC NetWorker en versiones anteriores a 7.5 SP4, 7.5.3.x anteriores a 7.5.3.5, y 7.6.x anteriores a 7.6.1.2 no mitiga apropiadamente la posibilidad de suplantar una direcci\u00f3n IP de fuente localhost, lo que permite a atacantes remotos (1) registrar o (2) desregistrar servicios RPC, y consecuentemente provocar una denegaci\u00f3n de servicio u obtener informaci\u00f3n confidencial de comunicaci\u00f3n entre procesos (\"interprocess communication\") a trav\u00e9s de paquetes UDP modificados que contengan comandos de servicio."
}
],
"id": "CVE-2011-0321",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-02-01T18:00:03.313",
"references": [
{
"source": "security_alert@emc.com",
"url": "http://archives.neohapsis.com/archives/bugtraq/2011-01/0162.html"
},
{
"source": "security_alert@emc.com",
"url": "http://archives.neohapsis.com/archives/bugtraq/2011-01/att-0162/ESA-2011-003.txt"
},
{
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43113"
},
{
"source": "security_alert@emc.com",
"url": "http://securitytracker.com/id?1025010"
},
{
"source": "security_alert@emc.com",
"url": "http://www.osvdb.org/70686"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securityfocus.com/bid/46044"
},
{
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0241"
},
{
"source": "security_alert@emc.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64997"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2011-01/0162.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2011-01/att-0162/ESA-2011-003.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1025010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/70686"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/46044"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0241"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64997"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-31 13:20
Modified
2025-04-11 00:51
Severity ?
Summary
EMC NetWorker 7.6.x and 8.x before 8.1 allows local users to obtain sensitive configuration information by leveraging operating-system privileges to perform decryption with nsradmin.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| emc | networker | 7.6 | |
| emc | networker | 7.6 | |
| emc | networker | 7.6 | |
| emc | networker | 7.6.0.2 | |
| emc | networker | 7.6.0.3 | |
| emc | networker | 7.6.0.4 | |
| emc | networker | 7.6.0.5 | |
| emc | networker | 7.6.0.6 | |
| emc | networker | 7.6.0.7 | |
| emc | networker | 7.6.0.8 | |
| emc | networker | 7.6.0.9 | |
| emc | networker | 7.6.1 | |
| emc | networker | 7.6.1.1 | |
| emc | networker | 7.6.1.2 | |
| emc | networker | 7.6.1.3 | |
| emc | networker | 7.6.1.4 | |
| emc | networker | 7.6.1.5 | |
| emc | networker | 7.6.3 | |
| emc | networker | 7.6.4 | |
| emc | networker | 7.6.4.1 | |
| emc | networker | 7.6.4.2 | |
| emc | networker | 7.6.4.3 | |
| emc | networker | 7.6.4.4 | |
| emc | networker | 7.6.4.5 | |
| emc | networker | 7.6.5 | |
| emc | networker | 7.6.5.2 | |
| emc | networker | 7.6.5.3 | |
| emc | networker | 7.6.5.4 | |
| emc | networker | 7.6.5.5 | |
| emc | networker | 7.6.5.6 | |
| emc | networker | 8.0 | |
| emc | networker | 8.0.0.1 | |
| emc | networker | 8.0.0.2 | |
| emc | networker | 8.0.0.3 | |
| emc | networker | 8.0.0.4 | |
| emc | networker | 8.0.0.5 | |
| emc | networker | 8.0.0.6 | |
| emc | networker | 8.0.1.3 | |
| emc | networker | 8.0.1.4 | |
| emc | networker | 8.0.1.5 | |
| emc | networker | 8.0.1.6 | |
| emc | networker | 8.0.2.0 | |
| emc | networker | 8.0.2.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:networker:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "72846905-B210-4FC5-9B33-44901DEEFE37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6:sp1:*:*:*:*:*:*",
"matchCriteriaId": "89324C33-21D3-463A-9C52-C495F3DC3CD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6:sp2:*:*:*:*:*:*",
"matchCriteriaId": "C13D9451-34DA-42FA-BC1E-2AEBB903B480",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D87038FD-8115-4024-AB82-EFB0EF5B1C98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "985DDA57-DA2C-4EC7-BD42-F0B5E190DBF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D2CFD5DF-BCD0-46C6-B18E-60465A6318BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D68C4BE8-A053-46F3-B9F3-DDE3451F30B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2335F8A5-30E3-4452-8FFA-1ED185917313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A22B0B-E8C4-47AB-B276-E8E38BDDE818",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA7C02D-DA10-4B9D-83C9-98BBE81E6166",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "121F391B-295D-4684-A7F4-C91C57033532",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2B8771B6-D668-47B7-B114-E6E111A2A322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4D8BE130-4CA6-4690-AB01-59A50EB8B997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ECE180DF-44A3-49FA-865E-774D51E2F574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2EFDC5AA-A5F9-4F98-88CA-E83323C26255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "731868F9-F611-442B-85B6-8E5C7A963DBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E27C64B9-83B9-44D9-A3FA-3B93867B086C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "ADBD90BD-A1F7-45D6-9BD3-19AF88FD6087",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BEF6BADD-1761-4F58-8FE6-34824D36A42A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4DB455DF-F7F5-4534-A854-BB61604DDD5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FEE098A5-18F8-43F1-967D-5FB1A4213BAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6C4DA434-8078-4E3D-84C9-6338B6860CE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B0A517A5-86EC-4ACD-9120-9855FD4A66F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "945BBBE4-ACC1-4FD9-9147-2C3AD6AEBAD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FF979EA7-ADAF-4F5E-834A-16571BF7FF02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FE474B05-A028-4166-915F-96738CA18F87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB839A7-524B-4E16-93E2-20223E409D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7979286C-889B-4403-A624-6BA997B1F9E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "04A5F456-4351-403B-BB2B-13F82C8A61B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEE7E63-28F7-47F4-9111-5837BF5BE142",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:networker:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "83625C74-9A2C-406D-A72F-98057C626180",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C918819-AE64-4C02-BDFD-44A7950260E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D67F8C96-D9A8-4EBC-909D-8D5076F72C5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5D89D53E-767D-43D6-822A-418297C7349C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B59F4C75-D6C7-4D9F-A3B5-311DA1D59F25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E3601F4F-FAA4-4B88-8B39-3E8DCCDC621F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "408E3FBD-64BF-4E37-9FA2-C9FC69A2D5F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0A95340F-8259-4471-A288-3046D67EDE5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "87F69CAF-0E54-45EF-9063-6FDCFA2A0BD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A990F8EA-B69D-458B-8433-41BA5118D57B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3875F1DF-21A9-4F50-8F01-D55AFD725094",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C9084EB-5D75-477D-AF31-BDC174B1A23C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A851B4E-C9CB-4580-BFD9-4A28EA9E3859",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "EMC NetWorker 7.6.x and 8.x before 8.1 allows local users to obtain sensitive configuration information by leveraging operating-system privileges to perform decryption with nsradmin."
},
{
"lang": "es",
"value": "EMC NetWorker 7.6.x y 8.x anterior a 8.1, permite a usuarios locales obtener informaci\u00f3n sensible de la configuraci\u00f3n aprovechando los privilegios del sistema operativo para realizar un descifrado con nsradmin."
}
],
"id": "CVE-2013-0943",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:S/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-07-31T13:20:24.137",
"references": [
{
"source": "security_alert@emc.com",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-07/0193.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-07/0193.html"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-09-04 11:04
Modified
2025-04-11 00:51
Severity ?
Summary
Format string vulnerability in the nsrd RPC service in EMC NetWorker 7.6.3 and 7.6.4 before 7.6.4.1, and 8.0 before 8.0.0.1, allows remote attackers to execute arbitrary code via format string specifiers in a message.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:networker:7.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "ADBD90BD-A1F7-45D6-9BD3-19AF88FD6087",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BEF6BADD-1761-4F58-8FE6-34824D36A42A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "83625C74-9A2C-406D-A72F-98057C626180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the nsrd RPC service in EMC NetWorker 7.6.3 and 7.6.4 before 7.6.4.1, and 8.0 before 8.0.0.1, allows remote attackers to execute arbitrary code via format string specifiers in a message."
},
{
"lang": "es",
"value": "Vulnerabilidad de formato de cadena en el servicio nsrd RPC en EMC NetWorker v7.6.3 y v7.6.4 anterior a v7.6.4.1, y v8.0 anterior a v8.0.0.1, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de especificadores de formato de cadena en un mensaje."
}
],
"id": "CVE-2012-2288",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-09-04T11:04:48.967",
"references": [
{
"source": "security_alert@emc.com",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-08/0219.html"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securityfocus.com/bid/55330"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securitytracker.com/id?1027459"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-08/0219.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/55330"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027459"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-05 17:29
Modified
2024-11-21 03:14
Severity ?
Summary
An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote unauthenticated malicious user can potentially bypass application authentication and gain unauthorized root access to the affected systems.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security_alert@emc.com | http://seclists.org/fulldisclosure/2018/Jan/17 | Issue Tracking, Mailing List, Third Party Advisory | |
| security_alert@emc.com | http://www.securityfocus.com/bid/102352 | Third Party Advisory, VDB Entry | |
| security_alert@emc.com | http://www.securitytracker.com/id/1040070 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2018/Jan/17 | Issue Tracking, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/102352 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040070 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| emc | avamar_server | 7.1-21 | |
| emc | avamar_server | 7.1-145 | |
| emc | avamar_server | 7.1-302 | |
| emc | avamar_server | 7.1-370 | |
| emc | avamar_server | 7.2-32 | |
| emc | avamar_server | 7.2-309 | |
| emc | avamar_server | 7.2-401 | |
| emc | avamar_server | 7.3-125 | |
| emc | avamar_server | 7.3-211 | |
| emc | avamar_server | 7.3-226 | |
| emc | avamar_server | 7.3-233 | |
| emc | avamar_server | 7.4-58 | |
| emc | avamar_server | 7.4-242 | |
| emc | avamar_server | 7.5-183 | |
| emc | integrated_data_protection_appliance | 2.0 | |
| emc | networker | 9.0 | |
| emc | networker | 9.1 | |
| emc | networker | 9.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.1-21:sp2:*:*:*:*:*:*",
"matchCriteriaId": "323E56C6-6B78-451F-A80E-041D54099867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.1-145:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2D107C2E-A98C-4242-9491-6E9D77C53AA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.1-302:*:*:*:*:*:*:*",
"matchCriteriaId": "4E873853-D132-4395-8A88-1950741E4020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.1-370:*:*:*:*:*:*:*",
"matchCriteriaId": "5CECC623-D5E1-491A-AE79-890BA83CEF83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.2-32:sp1:*:*:*:*:*:*",
"matchCriteriaId": "0DE64DDE-F009-442D-8287-C2985C7907CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.2-309:*:*:*:*:*:*:*",
"matchCriteriaId": "0E603320-F634-46D0-B3F3-27B43AD853C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.2-401:*:*:*:*:*:*:*",
"matchCriteriaId": "381B1CF4-9A04-419C-97D1-7997E24D78EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.3-125:sp1:*:*:*:*:*:*",
"matchCriteriaId": "F8E173EB-AA44-4C78-AE35-5A61120A3F0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.3-211:*:*:*:*:*:*:*",
"matchCriteriaId": "2D9B1C79-59E3-4FCE-8268-1125E599CE09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.3-226:*:*:*:*:*:*:*",
"matchCriteriaId": "2C79B2E0-E227-4D30-9EC0-6E186C8E1F7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.3-233:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB11FC4-D82F-4F15-A559-1B86D6FD262D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.4-58:sp1:*:*:*:*:*:*",
"matchCriteriaId": "EEE728F4-0944-4526-98A1-2610A94958AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.4-242:*:*:*:*:*:*:*",
"matchCriteriaId": "F72F4EE3-DE40-4F99-8869-DDCA53E8FBE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.5-183:*:*:*:*:*:*:*",
"matchCriteriaId": "3D008A0B-CB0F-4338-811C-02796C31F758",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:integrated_data_protection_appliance:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C8896568-958B-45D3-893B-30E3D9E4ED5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.0:*:*:*:virtual:*:*:*",
"matchCriteriaId": "D4E32F32-86B3-4833-B437-DAA7875637C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.1:*:*:*:virtual:*:*:*",
"matchCriteriaId": "C8608852-5E06-45F1-86F5-EB5E77E6D699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.2:*:*:*:virtual:*:*:*",
"matchCriteriaId": "2D056AFC-8E7B-454D-A190-178ECA69D379",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote unauthenticated malicious user can potentially bypass application authentication and gain unauthorized root access to the affected systems."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x y EMC Integrated Data Protection Appliance 2.0. Un usuario remoto malicioso no autenticado puede omitir la autenticaci\u00f3n de la aplicaci\u00f3n y obtener acceso root no autorizado a los sistemas afectados."
}
],
"id": "CVE-2017-15548",
"lastModified": "2024-11-21T03:14:45.130",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-05T17:29:00.223",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2018/Jan/17"
},
{
"source": "security_alert@emc.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102352"
},
{
"source": "security_alert@emc.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2018/Jan/17"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040070"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-05 17:29
Modified
2024-11-21 03:14
Severity ?
Summary
An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote authenticated malicious user with low privileges could potentially upload arbitrary maliciously crafted files in any location on the server file system.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security_alert@emc.com | http://seclists.org/fulldisclosure/2018/Jan/17 | Issue Tracking, Mailing List, Third Party Advisory | |
| security_alert@emc.com | http://www.securityfocus.com/bid/102363 | Third Party Advisory, VDB Entry | |
| security_alert@emc.com | http://www.securitytracker.com/id/1040070 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2018/Jan/17 | Issue Tracking, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/102363 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040070 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| emc | avamar_server | 7.1-21 | |
| emc | avamar_server | 7.1-145 | |
| emc | avamar_server | 7.1-302 | |
| emc | avamar_server | 7.1-370 | |
| emc | avamar_server | 7.2-32 | |
| emc | avamar_server | 7.2-309 | |
| emc | avamar_server | 7.2-401 | |
| emc | avamar_server | 7.3-125 | |
| emc | avamar_server | 7.3-211 | |
| emc | avamar_server | 7.3-226 | |
| emc | avamar_server | 7.3-233 | |
| emc | avamar_server | 7.4-58 | |
| emc | avamar_server | 7.4-242 | |
| emc | avamar_server | 7.5-183 | |
| emc | integrated_data_protection_appliance | 2.0 | |
| emc | networker | 9.0 | |
| emc | networker | 9.1 | |
| emc | networker | 9.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.1-21:sp2:*:*:*:*:*:*",
"matchCriteriaId": "323E56C6-6B78-451F-A80E-041D54099867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.1-145:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2D107C2E-A98C-4242-9491-6E9D77C53AA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.1-302:*:*:*:*:*:*:*",
"matchCriteriaId": "4E873853-D132-4395-8A88-1950741E4020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.1-370:*:*:*:*:*:*:*",
"matchCriteriaId": "5CECC623-D5E1-491A-AE79-890BA83CEF83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.2-32:sp1:*:*:*:*:*:*",
"matchCriteriaId": "0DE64DDE-F009-442D-8287-C2985C7907CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.2-309:*:*:*:*:*:*:*",
"matchCriteriaId": "0E603320-F634-46D0-B3F3-27B43AD853C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.2-401:*:*:*:*:*:*:*",
"matchCriteriaId": "381B1CF4-9A04-419C-97D1-7997E24D78EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.3-125:sp1:*:*:*:*:*:*",
"matchCriteriaId": "F8E173EB-AA44-4C78-AE35-5A61120A3F0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.3-211:*:*:*:*:*:*:*",
"matchCriteriaId": "2D9B1C79-59E3-4FCE-8268-1125E599CE09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.3-226:*:*:*:*:*:*:*",
"matchCriteriaId": "2C79B2E0-E227-4D30-9EC0-6E186C8E1F7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.3-233:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB11FC4-D82F-4F15-A559-1B86D6FD262D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.4-58:sp1:*:*:*:*:*:*",
"matchCriteriaId": "EEE728F4-0944-4526-98A1-2610A94958AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.4-242:*:*:*:*:*:*:*",
"matchCriteriaId": "F72F4EE3-DE40-4F99-8869-DDCA53E8FBE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:avamar_server:7.5-183:*:*:*:*:*:*:*",
"matchCriteriaId": "3D008A0B-CB0F-4338-811C-02796C31F758",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:integrated_data_protection_appliance:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C8896568-958B-45D3-893B-30E3D9E4ED5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.0:*:*:*:virtual:*:*:*",
"matchCriteriaId": "D4E32F32-86B3-4833-B437-DAA7875637C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.1:*:*:*:virtual:*:*:*",
"matchCriteriaId": "C8608852-5E06-45F1-86F5-EB5E77E6D699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.2:*:*:*:virtual:*:*:*",
"matchCriteriaId": "2D056AFC-8E7B-454D-A190-178ECA69D379",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote authenticated malicious user with low privileges could potentially upload arbitrary maliciously crafted files in any location on the server file system."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x y EMC Integrated Data Protection Appliance 2.0. Un usuario remoto malicioso con bajos privilegios podr\u00eda cargar archivos arbitrarios maliciosamente manipulados en cualquier ubicaci\u00f3n del sistema de archivos del servidor."
}
],
"id": "CVE-2017-15549",
"lastModified": "2024-11-21T03:14:45.237",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-05T17:29:00.253",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2018/Jan/17"
},
{
"source": "security_alert@emc.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102363"
},
{
"source": "security_alert@emc.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2018/Jan/17"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102363"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040070"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-03-02 21:18
Modified
2025-04-09 00:30
Severity ?
Summary
The Management Console server in EMC NetWorker (formerly Legato NetWorker) 7.3.2 before Jumbo Update 1 uses weak authentication, which allows remote attackers to execute arbitrary commands.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:networker:7.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8E1432B1-F02A-44E8-858F-CF92B31B505B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Management Console server in EMC NetWorker (formerly Legato NetWorker) 7.3.2 before Jumbo Update 1 uses weak authentication, which allows remote attackers to execute arbitrary commands."
},
{
"lang": "es",
"value": "El servidor de la consola de administraci\u00f3n del EMC NetWorker (antiguamente el Legato NetWorker) 7.3.2 anterior a la actualizaci\u00f3n 1 del Jumbo, utiliza una autenticaci\u00f3n d\u00e9bil, lo que permite a atacantes remotos ejecutar comandos de su elecci\u00f3n."
}
],
"id": "CVE-2006-3892",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-03-02T21:18:00.000",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Patch"
],
"url": "ftp://ftp.legato.com/pub/NetWorker/Updates/732JumboUpdate1/README%20732%20Jumbo%20Update%201.txt"
},
{
"source": "cret@cert.org",
"url": "http://osvdb.org/33853"
},
{
"source": "cret@cert.org",
"url": "http://secunia.com/advisories/24362"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/498553"
},
{
"source": "cret@cert.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-6VMLWA"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/bid/22789"
},
{
"source": "cret@cert.org",
"url": "http://www.securitytracker.com/id?1017724"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2007/0816"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "ftp://ftp.legato.com/pub/NetWorker/Updates/732JumboUpdate1/README%20732%20Jumbo%20Update%201.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/33853"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24362"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/498553"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-6VMLWA"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/22789"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017724"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0816"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-05-03 11:57
Modified
2025-04-11 00:51
Severity ?
Summary
The nsrpush process in the client in EMC NetWorker before 7.6.5.3 and 8.x before 8.0.1.4 sets weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:networker:*:*:*:*:*:*:*:*",
"matchCriteriaId": "520B7353-3716-4B32-AAA1-F4A0FEE49A8A",
"versionEndIncluding": "7.6.5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5967C58A-D318-466D-9370-222FE7034B2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6EE54B84-3CA1-490B-9D0C-A3C3C872D2B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D2271AE-769D-4A3A-8821-22F22B6018C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "76F59763-C87A-48A4-890D-B17EAEA6EF0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "10954E1B-09A1-4F0A-A2EF-BEDE3B6CE7AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8E1432B1-F02A-44E8-858F-CF92B31B505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "33F952DA-3037-4F76-B874-E63F3F280B7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.4:sp1:*:*:*:*:*:*",
"matchCriteriaId": "A6320CF7-A074-429C-A4C2-7D3F7E19A49F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.4:sp2:*:*:*:*:*:*",
"matchCriteriaId": "6E8C849D-24D2-495E-997A-789FC9D7D56C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.4:sp3:*:*:*:*:*:*",
"matchCriteriaId": "A65D81EE-FC19-40BE-B9E4-44F2A99D60AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.4:sp4:*:*:*:*:*:*",
"matchCriteriaId": "B5262837-70E0-4F10-8367-4F85DB17B67B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.4:sp5:*:*:*:*:*:*",
"matchCriteriaId": "B23031B3-799A-47E0-B6A7-3B3C103ED08F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.4.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0DEDB2-38FF-4915-A46C-7DE2735876A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.4.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8273C65F-BDD3-4C42-9B6C-456E54DDC6C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.4.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D315A1BA-1BE5-48CE-83EC-DAECA6DD48FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.4.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "41A958BB-4094-4317-90B9-282BC3A26C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF82110-E275-4746-9BCF-C46CE01A5EA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5:sp1:*:*:*:*:*:*",
"matchCriteriaId": "1F7DF3A1-75E4-416B-9346-90629EB85E07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5A3FE44D-0C02-41B7-985F-A79B858221AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5:sp3:*:*:*:*:*:*",
"matchCriteriaId": "8215A765-566D-4761-9C97-68F64675B45A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B5B48E6E-E5C8-4C1A-BAB5-5BE136B611E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FF03F62F-1633-405A-8B08-D5F7145A7174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C7271CDF-1D20-4942-A32C-39C1FDC2D265",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3436A42F-F1DF-4FFD-877A-308057A5F8C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A1A23D19-38B0-46A8-A26C-3250632D6E4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "64F9AE15-2B14-4D76-83C2-0A7125F16D4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA7C510-9011-4CAE-A270-F730308BF239",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6105BB6A-22C4-4725-848A-281A7BF79725",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD5FA049-FAE2-498D-BE11-213C55872BAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2EA36CB9-307F-44B8-8CA0-41BDFE2F14FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "17DE514C-CFCB-429B-B512-214310A80611",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D64B74C8-38FD-4D28-950F-C3F2DE942980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "73C726F9-6433-4236-8C57-D4232458B955",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "010991D9-9112-4B8B-8DE0-58ECF49A44F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F88FD06-F318-4576-BE8F-4494C217F814",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1420E7-90F4-43DC-AA5A-91B34870DF53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "013A475A-C422-4252-ABC9-EA6C0ADE14D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7F0E63B8-318A-46A1-AAC0-6DB8F126EB6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.5.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E0C14E6F-0688-4604-8318-25EBFC7642EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D87038FD-8115-4024-AB82-EFB0EF5B1C98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "985DDA57-DA2C-4EC7-BD42-F0B5E190DBF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D2CFD5DF-BCD0-46C6-B18E-60465A6318BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D68C4BE8-A053-46F3-B9F3-DDE3451F30B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2335F8A5-30E3-4452-8FFA-1ED185917313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A22B0B-E8C4-47AB-B276-E8E38BDDE818",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA7C02D-DA10-4B9D-83C9-98BBE81E6166",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "121F391B-295D-4684-A7F4-C91C57033532",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2B8771B6-D668-47B7-B114-E6E111A2A322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4D8BE130-4CA6-4690-AB01-59A50EB8B997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ECE180DF-44A3-49FA-865E-774D51E2F574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2EFDC5AA-A5F9-4F98-88CA-E83323C26255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "731868F9-F611-442B-85B6-8E5C7A963DBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E27C64B9-83B9-44D9-A3FA-3B93867B086C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "ADBD90BD-A1F7-45D6-9BD3-19AF88FD6087",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BEF6BADD-1761-4F58-8FE6-34824D36A42A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4DB455DF-F7F5-4534-A854-BB61604DDD5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FEE098A5-18F8-43F1-967D-5FB1A4213BAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6C4DA434-8078-4E3D-84C9-6338B6860CE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B0A517A5-86EC-4ACD-9120-9855FD4A66F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "945BBBE4-ACC1-4FD9-9147-2C3AD6AEBAD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:7.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FF979EA7-ADAF-4F5E-834A-16571BF7FF02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:networker:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "83625C74-9A2C-406D-A72F-98057C626180",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C918819-AE64-4C02-BDFD-44A7950260E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D67F8C96-D9A8-4EBC-909D-8D5076F72C5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5D89D53E-767D-43D6-822A-418297C7349C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B59F4C75-D6C7-4D9F-A3B5-311DA1D59F25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E3601F4F-FAA4-4B88-8B39-3E8DCCDC621F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "408E3FBD-64BF-4E37-9FA2-C9FC69A2D5F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0A95340F-8259-4471-A288-3046D67EDE5A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The nsrpush process in the client in EMC NetWorker before 7.6.5.3 and 8.x before 8.0.1.4 sets weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors."
},
{
"lang": "es",
"value": "El proceso nsrpush en el cliente en EMC NetWorker anterior a v7.6.5.3 y v8.x anterior a v8.0.1.4 fija permisos d\u00e9biles para ficheros no especificados, permitiendo a usuarios locales ganar privilegios mediante vectores desconocidos."
}
],
"id": "CVE-2013-0940",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-05-03T11:57:41.297",
"references": [
{
"source": "security_alert@emc.com",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-05/0013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-05/0013.html"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-12-05 03:59
Modified
2025-04-12 10:46
Severity ?
Summary
EMC NetWorker before 8.0.4.5, 8.1.x before 8.1.3.6, 8.2.x before 8.2.2.2, and 9.0 before build 407 allows remote attackers to cause a denial of service (process outage) via malformed RPC authentication messages.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:networker:8.0.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "27A25145-9B2F-4C9B-8E9B-65E71FDB3EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F38B4D5D-C2F6-45A2-965D-73DECCF094AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8314DE-3BA0-4A54-AEA2-A2666961E82D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9424A33B-8A88-41A0-9399-A7201EE75A21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8D6B0E4D-0358-4A1D-9BE5-1840E2D7585A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8D386E51-02E1-4BA8-AFD7-BE6EFAFC0082",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7832B1E1-6367-4D7C-B1A1-0517EB169378",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FD1A7FCF-5029-41BC-815D-D7089C75A195",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6EA7A0E-F89B-495F-946B-BE4C773CF475",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "61CD2EED-A21C-4CE1-8621-626C3723D65F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "25933657-2494-419B-9BA0-E4489B357A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2F3F38D0-3B95-450F-A212-208473D624D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B8756020-C00B-4035-97AB-B4AA6445342F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FE473613-EF12-4E31-87D7-C96E9CADE4B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3534CB1D-99B1-4D22-985E-AC4823A74CB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E03DDF1E-ACB7-4537-9E3F-6562D684D100",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C7283326-D640-4F93-9C48-F8847A49435F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EB1594CC-8F3F-4F54-AF21-D6D1E01B71FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F104816B-1F99-4F01-BDC9-6FB5C0B0C580",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E0DA1C36-6B73-4DA2-B10F-476BB4D75568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "70E3A734-DE86-46C5-B713-AECEA6FDAF93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "55F82679-EA1D-4D15-8A63-8EBC7EA5E62B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "07413EC7-5A1E-464F-B07D-A03552C5758B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "989A6B97-D2D0-4011-A899-1BF20B12A69B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "466F5C3D-3BE4-4B7A-9E46-AF244B2ABA2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B64B1B69-A32C-468E-B464-D4EE7A20D52C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "81468092-0C4D-464E-8272-32DAA72B9E19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "19378323-08B1-4F9B-9A72-268B19D1C691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B29894BB-1502-4F61-B961-5D75BDAB104C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE6EA84-5E4B-462F-956B-76CAFA6E4500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "323F4339-8BDE-4CEF-9151-2089F901897E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "25E35791-8E1D-4EAF-90EE-49CD9E4369E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "06BCB990-3485-4B25-8B36-E3B4060D5857",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A555D471-D194-4CD9-871E-3F15C33593B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4988DB2B-8920-42A0-BBB2-F1C710BAA197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D5472494-CC1F-473C-8BF9-622CF068B6B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "4C06B8B2-D377-4AEE-8660-DA757F23A0BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92AAC072-3EFF-4709-A046-3F4CD82D8CC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1844D405-90D6-4E70-9016-F58EAC784B9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8982D63A-7143-4BE4-BA31-367860CB7290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FF860F53-437A-40C8-8DDD-27FADA385471",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "23EF4F7E-26DC-4FE2-A76A-AA4F6C7D1F12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F1DA8904-166E-4704-AF39-DC2BF6429FCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC929F1-D460-4787-B801-D5215F639AE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38AEAB9D-29F3-4711-899A-FC96E3745DD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C2512216-4F2D-4B93-98E5-A5C71E00B029",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F74F83AE-EEF6-46EC-9A1E-F45E4576A229",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:8.2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "18391227-EE1B-4EA9-95A1-B58F7F2325AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:networker:9.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A9C47D51-FE5B-4F39-B6AA-1DEE2B8D2287",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "EMC NetWorker before 8.0.4.5, 8.1.x before 8.1.3.6, 8.2.x before 8.2.2.2, and 9.0 before build 407 allows remote attackers to cause a denial of service (process outage) via malformed RPC authentication messages."
},
{
"lang": "es",
"value": "EMC NetWorker en versiones anteriores a 8.0.4.5, 8.1.x en versiones anteriores a 8.1.3.6, 8.2.x en versiones anteriores a 8.2.2.2 y 9.0 en versiones anteriores a build 407 permite a atacantes remotos causar una denegaci\u00f3n de servicio (interrupci\u00f3n de proceso) a trav\u00e9s de mensajes de autenticaci\u00f3n RPC mal formados."
}
],
"id": "CVE-2015-6849",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-12-05T03:59:07.520",
"references": [
{
"source": "security_alert@emc.com",
"url": "http://seclists.org/bugtraq/2015/Dec/18"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securitytracker.com/id/1034287"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/bugtraq/2015/Dec/18"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1034287"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2012-2288 (GCVE-0-2012-2288)
Vulnerability from cvelistv5
Published
2012-09-04 10:00
Modified
2024-08-06 19:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Format string vulnerability in the nsrd RPC service in EMC NetWorker 7.6.3 and 7.6.4 before 7.6.4.1, and 8.0 before 8.0.0.1, allows remote attackers to execute arbitrary code via format string specifiers in a message.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/55330 | vdb-entry, x_refsource_BID | |
| http://archives.neohapsis.com/archives/bugtraq/2012-08/0219.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securitytracker.com/id?1027459 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:26:09.006Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55330",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55330"
},
{
"name": "20120830 ESA-2012-038: EMC NetWorker Format String Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-08/0219.html"
},
{
"name": "1027459",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027459"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-08-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the nsrd RPC service in EMC NetWorker 7.6.3 and 7.6.4 before 7.6.4.1, and 8.0 before 8.0.0.1, allows remote attackers to execute arbitrary code via format string specifiers in a message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-02-14T10:00:00",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "55330",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55330"
},
{
"name": "20120830 ESA-2012-038: EMC NetWorker Format String Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-08/0219.html"
},
{
"name": "1027459",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027459"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2012-2288",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in the nsrd RPC service in EMC NetWorker 7.6.3 and 7.6.4 before 7.6.4.1, and 8.0 before 8.0.0.1, allows remote attackers to execute arbitrary code via format string specifiers in a message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55330",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55330"
},
{
"name": "20120830 ESA-2012-038: EMC NetWorker Format String Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-08/0219.html"
},
{
"name": "1027459",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027459"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2012-2288",
"datePublished": "2012-09-04T10:00:00",
"dateReserved": "2012-04-19T00:00:00",
"dateUpdated": "2024-08-06T19:26:09.006Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0395 (GCVE-0-2012-0395)
Vulnerability from cvelistv5
Published
2012-01-27 00:00
Modified
2024-09-17 04:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the server in EMC NetWorker 7.5.x and 7.6.x before 7.6.3 SP1 Cumulative Release build 851 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/521374 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:23:30.986Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120126 ESA-2012-005: EMC NetWorker buffer overflow vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/521374"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the server in EMC NetWorker 7.5.x and 7.6.x before 7.6.3 SP1 Cumulative Release build 851 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-01-27T00:00:00Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "20120126 ESA-2012-005: EMC NetWorker buffer overflow vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/521374"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2012-0395",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the server in EMC NetWorker 7.5.x and 7.6.x before 7.6.3 SP1 Cumulative Release build 851 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120126 ESA-2012-005: EMC NetWorker buffer overflow vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/521374"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2012-0395",
"datePublished": "2012-01-27T00:00:00Z",
"dateReserved": "2012-01-09T00:00:00Z",
"dateUpdated": "2024-09-17T04:19:22.857Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4607 (GCVE-0-2012-4607)
Vulnerability from cvelistv5
Published
2013-01-17 22:00
Modified
2024-09-16 19:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in nsrindexd in EMC NetWorker 7.5.x and 7.6.x before 7.6.5, and 8.x before 8.0.0.6, allows remote attackers to execute arbitrary code via crafted SunRPC data.
References
| ▼ | URL | Tags |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2013-01/0029.html | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:42:54.576Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20130107 ESA-2013-001: EMC NetWorker Buffer Overflow vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-01/0029.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in nsrindexd in EMC NetWorker 7.5.x and 7.6.x before 7.6.5, and 8.x before 8.0.0.6, allows remote attackers to execute arbitrary code via crafted SunRPC data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-01-17T22:00:00Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "20130107 ESA-2013-001: EMC NetWorker Buffer Overflow vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-01/0029.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2012-4607",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in nsrindexd in EMC NetWorker 7.5.x and 7.6.x before 7.6.5, and 8.x before 8.0.0.6, allows remote attackers to execute arbitrary code via crafted SunRPC data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20130107 ESA-2013-001: EMC NetWorker Buffer Overflow vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-01/0029.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2012-4607",
"datePublished": "2013-01-17T22:00:00Z",
"dateReserved": "2012-08-24T00:00:00Z",
"dateUpdated": "2024-09-16T19:21:07.790Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-8022 (GCVE-0-2017-8022)
Vulnerability from cvelistv5
Published
2017-10-18 15:00
Modified
2024-08-05 16:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Buffer Overflow Vulnerability
Summary
An issue was discovered in EMC NetWorker (prior to 8.2.4.9, all supported 9.0.x versions, prior to 9.1.1.3, prior to 9.2.0.4). The Server service (nsrd) is affected by a buffer overflow vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to execute arbitrary code on vulnerable installations of the software, or cause a denial of service, depending on the target system's platform.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1039583 | vdb-entry, x_refsource_SECTRACK | |
| http://seclists.org/fulldisclosure/2017/Oct/35 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMC NetWorker prior to 8.2.4.9, 9.0.x (all supported versions), prior to 9.1.1.3, prior to 9.2.0.4 |
Version: EMC NetWorker prior to 8.2.4.9, 9.0.x (all supported versions), prior to 9.1.1.3, prior to 9.2.0.4 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:19:29.648Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1039583",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039583"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2017/Oct/35"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMC NetWorker prior to 8.2.4.9, 9.0.x (all supported versions), prior to 9.1.1.3, prior to 9.2.0.4",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMC NetWorker prior to 8.2.4.9, 9.0.x (all supported versions), prior to 9.1.1.3, prior to 9.2.0.4"
}
]
}
],
"datePublic": "2017-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in EMC NetWorker (prior to 8.2.4.9, all supported 9.0.x versions, prior to 9.1.1.3, prior to 9.2.0.4). The Server service (nsrd) is affected by a buffer overflow vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to execute arbitrary code on vulnerable installations of the software, or cause a denial of service, depending on the target system\u0027s platform."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Overflow Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-19T09:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "1039583",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039583"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://seclists.org/fulldisclosure/2017/Oct/35"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2017-8022",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMC NetWorker prior to 8.2.4.9, 9.0.x (all supported versions), prior to 9.1.1.3, prior to 9.2.0.4",
"version": {
"version_data": [
{
"version_value": "EMC NetWorker prior to 8.2.4.9, 9.0.x (all supported versions), prior to 9.1.1.3, prior to 9.2.0.4"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in EMC NetWorker (prior to 8.2.4.9, all supported 9.0.x versions, prior to 9.1.1.3, prior to 9.2.0.4). The Server service (nsrd) is affected by a buffer overflow vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to execute arbitrary code on vulnerable installations of the software, or cause a denial of service, depending on the target system\u0027s platform."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1039583",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039583"
},
{
"name": "http://seclists.org/fulldisclosure/2017/Oct/35",
"refsource": "CONFIRM",
"url": "http://seclists.org/fulldisclosure/2017/Oct/35"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2017-8022",
"datePublished": "2017-10-18T15:00:00",
"dateReserved": "2017-04-21T00:00:00",
"dateUpdated": "2024-08-05T16:19:29.648Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3892 (GCVE-0-2006-3892)
Vulnerability from cvelistv5
Published
2007-03-02 19:00
Modified
2024-08-07 18:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Management Console server in EMC NetWorker (formerly Legato NetWorker) 7.3.2 before Jumbo Update 1 uses weak authentication, which allows remote attackers to execute arbitrary commands.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/24362 | third-party-advisory, x_refsource_SECUNIA | |
| http://osvdb.org/33853 | vdb-entry, x_refsource_OSVDB | |
| http://www.kb.cert.org/vuls/id/MIMG-6VMLWA | x_refsource_CONFIRM | |
| ftp://ftp.legato.com/pub/NetWorker/Updates/732JumboUpdate1/README%20732%20Jumbo%20Update%201.txt | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/22789 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id?1017724 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2007/0816 | vdb-entry, x_refsource_VUPEN | |
| http://www.kb.cert.org/vuls/id/498553 | third-party-advisory, x_refsource_CERT-VN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:48:39.309Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24362",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24362"
},
{
"name": "33853",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33853"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-6VMLWA"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://ftp.legato.com/pub/NetWorker/Updates/732JumboUpdate1/README%20732%20Jumbo%20Update%201.txt"
},
{
"name": "22789",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22789"
},
{
"name": "1017724",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017724"
},
{
"name": "ADV-2007-0816",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0816"
},
{
"name": "VU#498553",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/498553"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Management Console server in EMC NetWorker (formerly Legato NetWorker) 7.3.2 before Jumbo Update 1 uses weak authentication, which allows remote attackers to execute arbitrary commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-03-14T09:00:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "24362",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24362"
},
{
"name": "33853",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33853"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-6VMLWA"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://ftp.legato.com/pub/NetWorker/Updates/732JumboUpdate1/README%20732%20Jumbo%20Update%201.txt"
},
{
"name": "22789",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22789"
},
{
"name": "1017724",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017724"
},
{
"name": "ADV-2007-0816",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0816"
},
{
"name": "VU#498553",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/498553"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2006-3892",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Management Console server in EMC NetWorker (formerly Legato NetWorker) 7.3.2 before Jumbo Update 1 uses weak authentication, which allows remote attackers to execute arbitrary commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24362",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24362"
},
{
"name": "33853",
"refsource": "OSVDB",
"url": "http://osvdb.org/33853"
},
{
"name": "http://www.kb.cert.org/vuls/id/MIMG-6VMLWA",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/MIMG-6VMLWA"
},
{
"name": "ftp://ftp.legato.com/pub/NetWorker/Updates/732JumboUpdate1/README%20732%20Jumbo%20Update%201.txt",
"refsource": "CONFIRM",
"url": "ftp://ftp.legato.com/pub/NetWorker/Updates/732JumboUpdate1/README%20732%20Jumbo%20Update%201.txt"
},
{
"name": "22789",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22789"
},
{
"name": "1017724",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017724"
},
{
"name": "ADV-2007-0816",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0816"
},
{
"name": "VU#498553",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/498553"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2006-3892",
"datePublished": "2007-03-02T19:00:00",
"dateReserved": "2006-07-26T00:00:00",
"dateUpdated": "2024-08-07T18:48:39.309Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-0940 (GCVE-0-2013-0940)
Vulnerability from cvelistv5
Published
2013-05-03 10:00
Modified
2024-09-17 02:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The nsrpush process in the client in EMC NetWorker before 7.6.5.3 and 8.x before 8.0.1.4 sets weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2013-05/0013.html | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:41:48.422Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20130502 ESA-2013-028: EMC NetWorker Elevation of Privilege Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-05/0013.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The nsrpush process in the client in EMC NetWorker before 7.6.5.3 and 8.x before 8.0.1.4 sets weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-05-03T10:00:00Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "20130502 ESA-2013-028: EMC NetWorker Elevation of Privilege Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-05/0013.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2013-0940",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The nsrpush process in the client in EMC NetWorker before 7.6.5.3 and 8.x before 8.0.1.4 sets weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20130502 ESA-2013-028: EMC NetWorker Elevation of Privilege Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-05/0013.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2013-0940",
"datePublished": "2013-05-03T10:00:00Z",
"dateReserved": "2013-01-09T00:00:00Z",
"dateUpdated": "2024-09-17T02:07:07.359Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0530 (GCVE-0-2015-0530)
Vulnerability from cvelistv5
Published
2015-04-17 01:00
Modified
2024-08-06 04:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in an unspecified function in nsr_render_log in EMC NetWorker before 8.0.4.3, 8.1.x before 8.1.2.6, and 8.2.x before 8.2.1.2 allows local users to gain privileges via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://seclists.org/bugtraq/2015/Apr/103 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securitytracker.com/id/1032147 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:10:11.003Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20150415 ESA-2015-069: EMC NetWorker Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://seclists.org/bugtraq/2015/Apr/103"
},
{
"name": "1032147",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032147"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in an unspecified function in nsr_render_log in EMC NetWorker before 8.0.4.3, 8.1.x before 8.1.2.6, and 8.2.x before 8.2.1.2 allows local users to gain privileges via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-30T16:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "20150415 ESA-2015-069: EMC NetWorker Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://seclists.org/bugtraq/2015/Apr/103"
},
{
"name": "1032147",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032147"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2015-0530",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in an unspecified function in nsr_render_log in EMC NetWorker before 8.0.4.3, 8.1.x before 8.1.2.6, and 8.2.x before 8.2.1.2 allows local users to gain privileges via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150415 ESA-2015-069: EMC NetWorker Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2015/Apr/103"
},
{
"name": "1032147",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032147"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2015-0530",
"datePublished": "2015-04-17T01:00:00",
"dateReserved": "2014-12-17T00:00:00",
"dateUpdated": "2024-08-06T04:10:11.003Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15548 (GCVE-0-2017-15548)
Vulnerability from cvelistv5
Published
2018-01-05 17:00
Modified
2024-08-05 19:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Authentication bypass vulnerability
Summary
An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote unauthenticated malicious user can potentially bypass application authentication and gain unauthorized root access to the affected systems.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1040070 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/102352 | vdb-entry, x_refsource_BID | |
| http://seclists.org/fulldisclosure/2018/Jan/17 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0, EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x, EMC Integrated Data Protection Appliance 2.0 |
Version: EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0, EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x, EMC Integrated Data Protection Appliance 2.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:26.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040070"
},
{
"name": "102352",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102352"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2018/Jan/17"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0, EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x, EMC Integrated Data Protection Appliance 2.0",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0, EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x, EMC Integrated Data Protection Appliance 2.0"
}
]
}
],
"datePublic": "2018-01-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote unauthenticated malicious user can potentially bypass application authentication and gain unauthorized root access to the affected systems."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication bypass vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-06T10:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "1040070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040070"
},
{
"name": "102352",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102352"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://seclists.org/fulldisclosure/2018/Jan/17"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2017-15548",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0, EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x, EMC Integrated Data Protection Appliance 2.0",
"version": {
"version_data": [
{
"version_value": "EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0, EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x, EMC Integrated Data Protection Appliance 2.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote unauthenticated malicious user can potentially bypass application authentication and gain unauthorized root access to the affected systems."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication bypass vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040070",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040070"
},
{
"name": "102352",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102352"
},
{
"name": "http://seclists.org/fulldisclosure/2018/Jan/17",
"refsource": "CONFIRM",
"url": "http://seclists.org/fulldisclosure/2018/Jan/17"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2017-15548",
"datePublished": "2018-01-05T17:00:00",
"dateReserved": "2017-10-17T00:00:00",
"dateUpdated": "2024-08-05T19:57:26.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-0321 (GCVE-0-2011-0321)
Vulnerability from cvelistv5
Published
2011-02-01 17:00
Modified
2024-08-06 21:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to (1) register or (2) unregister RPC services, and consequently cause a denial of service or obtain sensitive information from interprocess communication, via crafted UDP packets containing service commands.
References
| ▼ | URL | Tags |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2011-01/att-0162/ESA-2011-003.txt | x_refsource_CONFIRM | |
| http://securitytracker.com/id?1025010 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/46044 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/64997 | vdb-entry, x_refsource_XF | |
| http://archives.neohapsis.com/archives/bugtraq/2011-01/0162.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.osvdb.org/70686 | vdb-entry, x_refsource_OSVDB | |
| http://secunia.com/advisories/43113 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2011/0241 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:51:08.246Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2011-01/att-0162/ESA-2011-003.txt"
},
{
"name": "1025010",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025010"
},
{
"name": "46044",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46044"
},
{
"name": "networker-librpc-security-bypass(64997)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64997"
},
{
"name": "20110126 ESA-2011-003: EMC NetWorker librpc.dll spoofing vulnerability.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2011-01/0162.html"
},
{
"name": "70686",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/70686"
},
{
"name": "43113",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43113"
},
{
"name": "ADV-2011-0241",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0241"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-01-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to (1) register or (2) unregister RPC services, and consequently cause a denial of service or obtain sensitive information from interprocess communication, via crafted UDP packets containing service commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2011-01/att-0162/ESA-2011-003.txt"
},
{
"name": "1025010",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025010"
},
{
"name": "46044",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46044"
},
{
"name": "networker-librpc-security-bypass(64997)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64997"
},
{
"name": "20110126 ESA-2011-003: EMC NetWorker librpc.dll spoofing vulnerability.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2011-01/0162.html"
},
{
"name": "70686",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/70686"
},
{
"name": "43113",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43113"
},
{
"name": "ADV-2011-0241",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0241"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2011-0321",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to (1) register or (2) unregister RPC services, and consequently cause a denial of service or obtain sensitive information from interprocess communication, via crafted UDP packets containing service commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://archives.neohapsis.com/archives/bugtraq/2011-01/att-0162/ESA-2011-003.txt",
"refsource": "CONFIRM",
"url": "http://archives.neohapsis.com/archives/bugtraq/2011-01/att-0162/ESA-2011-003.txt"
},
{
"name": "1025010",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025010"
},
{
"name": "46044",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46044"
},
{
"name": "networker-librpc-security-bypass(64997)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64997"
},
{
"name": "20110126 ESA-2011-003: EMC NetWorker librpc.dll spoofing vulnerability.",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2011-01/0162.html"
},
{
"name": "70686",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/70686"
},
{
"name": "43113",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43113"
},
{
"name": "ADV-2011-0241",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0241"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2011-0321",
"datePublished": "2011-02-01T17:00:00",
"dateReserved": "2011-01-06T00:00:00",
"dateUpdated": "2024-08-06T21:51:08.246Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-0943 (GCVE-0-2013-0943)
Vulnerability from cvelistv5
Published
2013-07-31 10:00
Modified
2024-09-16 22:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
EMC NetWorker 7.6.x and 8.x before 8.1 allows local users to obtain sensitive configuration information by leveraging operating-system privileges to perform decryption with nsradmin.
References
| ▼ | URL | Tags |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2013-07/0193.html | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:41:48.352Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20130729 ESA-2013-033: EMC NetWorker Information Disclosure Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-07/0193.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "EMC NetWorker 7.6.x and 8.x before 8.1 allows local users to obtain sensitive configuration information by leveraging operating-system privileges to perform decryption with nsradmin."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-07-31T10:00:00Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "20130729 ESA-2013-033: EMC NetWorker Information Disclosure Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-07/0193.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2013-0943",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EMC NetWorker 7.6.x and 8.x before 8.1 allows local users to obtain sensitive configuration information by leveraging operating-system privileges to perform decryption with nsradmin."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20130729 ESA-2013-033: EMC NetWorker Information Disclosure Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-07/0193.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2013-0943",
"datePublished": "2013-07-31T10:00:00Z",
"dateReserved": "2013-01-09T00:00:00Z",
"dateUpdated": "2024-09-16T22:51:02.024Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3285 (GCVE-0-2013-3285)
Vulnerability from cvelistv5
Published
2013-11-02 19:00
Modified
2024-09-17 01:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The NetWorker Management Console (NMC) in EMC NetWorker 8.0.x before 8.0.2.3, when using Active Directory/LDAP for authentication, allows remote authenticated users to discover cleartext administrator passwords via (1) unspecified NMC audit reports or (2) requests to RAP resources.
References
| ▼ | URL | Tags |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2013-10/0150.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/63402 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1029265 | vdb-entry, x_refsource_SECTRACK | |
| http://osvdb.org/99067 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:07:36.664Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20131029 ESA-2013-072: EMC NetWorker Information Disclosure Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-10/0150.html"
},
{
"name": "63402",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/63402"
},
{
"name": "1029265",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029265"
},
{
"name": "99067",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/99067"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The NetWorker Management Console (NMC) in EMC NetWorker 8.0.x before 8.0.2.3, when using Active Directory/LDAP for authentication, allows remote authenticated users to discover cleartext administrator passwords via (1) unspecified NMC audit reports or (2) requests to RAP resources."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-11-02T19:00:00Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "20131029 ESA-2013-072: EMC NetWorker Information Disclosure Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-10/0150.html"
},
{
"name": "63402",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/63402"
},
{
"name": "1029265",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029265"
},
{
"name": "99067",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/99067"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2013-3285",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The NetWorker Management Console (NMC) in EMC NetWorker 8.0.x before 8.0.2.3, when using Active Directory/LDAP for authentication, allows remote authenticated users to discover cleartext administrator passwords via (1) unspecified NMC audit reports or (2) requests to RAP resources."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20131029 ESA-2013-072: EMC NetWorker Information Disclosure Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-10/0150.html"
},
{
"name": "63402",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/63402"
},
{
"name": "1029265",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029265"
},
{
"name": "99067",
"refsource": "OSVDB",
"url": "http://osvdb.org/99067"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2013-3285",
"datePublished": "2013-11-02T19:00:00Z",
"dateReserved": "2013-04-26T00:00:00Z",
"dateUpdated": "2024-09-17T01:41:22.286Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-6849 (GCVE-0-2015-6849)
Vulnerability from cvelistv5
Published
2015-12-05 02:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
EMC NetWorker before 8.0.4.5, 8.1.x before 8.1.3.6, 8.2.x before 8.2.2.2, and 9.0 before build 407 allows remote attackers to cause a denial of service (process outage) via malformed RPC authentication messages.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1034287 | vdb-entry, x_refsource_SECTRACK | |
| http://seclists.org/bugtraq/2015/Dec/18 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:36:34.448Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1034287",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034287"
},
{
"name": "20151203 ESA-2015-171 EMC NetWorker Denial-of-service Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://seclists.org/bugtraq/2015/Dec/18"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-12-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "EMC NetWorker before 8.0.4.5, 8.1.x before 8.1.3.6, 8.2.x before 8.2.2.2, and 9.0 before build 407 allows remote attackers to cause a denial of service (process outage) via malformed RPC authentication messages."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-05T20:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "1034287",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034287"
},
{
"name": "20151203 ESA-2015-171 EMC NetWorker Denial-of-service Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://seclists.org/bugtraq/2015/Dec/18"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2015-6849",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EMC NetWorker before 8.0.4.5, 8.1.x before 8.1.3.6, 8.2.x before 8.2.2.2, and 9.0 before build 407 allows remote attackers to cause a denial of service (process outage) via malformed RPC authentication messages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1034287",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034287"
},
{
"name": "20151203 ESA-2015-171 EMC NetWorker Denial-of-service Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2015/Dec/18"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2015-6849",
"datePublished": "2015-12-05T02:00:00",
"dateReserved": "2015-09-10T00:00:00",
"dateUpdated": "2024-08-06T07:36:34.448Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0114 (GCVE-0-2002-0114)
Vulnerability from cvelistv5
Published
2002-03-15 05:00
Modified
2024-08-08 02:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
EMC NetWorker (formerly Legato NetWorker) before 7.0 stores passwords in plaintext in the daemon.log file, which allows local users to gain privileges by reading the password from the file. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.iss.net/security_center/static/7898.php | vdb-entry, x_refsource_XF | |
| http://online.securityfocus.com/archive/1/249420 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/3842 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:35:17.654Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "legato-nsrd-log-plaintext(7898)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/7898.php"
},
{
"name": "20020110 Legato Vulnerable",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/249420"
},
{
"name": "3842",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3842"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "EMC NetWorker (formerly Legato NetWorker) before 7.0 stores passwords in plaintext in the daemon.log file, which allows local users to gain privileges by reading the password from the file. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-03-22T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "legato-nsrd-log-plaintext(7898)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/7898.php"
},
{
"name": "20020110 Legato Vulnerable",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/249420"
},
{
"name": "3842",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3842"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0114",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EMC NetWorker (formerly Legato NetWorker) before 7.0 stores passwords in plaintext in the daemon.log file, which allows local users to gain privileges by reading the password from the file. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "legato-nsrd-log-plaintext(7898)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7898.php"
},
{
"name": "20020110 Legato Vulnerable",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/249420"
},
{
"name": "3842",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3842"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0114",
"datePublished": "2002-03-15T05:00:00",
"dateReserved": "2002-03-15T00:00:00",
"dateUpdated": "2024-08-08T02:35:17.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-4620 (GCVE-0-2014-4620)
Vulnerability from cvelistv5
Published
2014-10-25 10:00
Modified
2024-08-06 11:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The EMC NetWorker Module for MEDITECH (aka NMMEDI) 3.0 build 87 through 90, when EMC RecoverPoint and Plink are used, stores cleartext RecoverPoint Appliance credentials in nsrmedisv.raw log files, which allows local users to obtain sensitive information by reading these files.
References
| ▼ | URL | Tags |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2014-10/0145.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securitytracker.com/id/1031116 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/70726 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/97756 | vdb-entry, x_refsource_XF | |
| http://packetstormsecurity.com/files/128841/EMC-NetWorker-Module-For-MEDITECH-NMMEDI-Information-Disclosure.html | x_refsource_MISC | |
| http://secunia.com/advisories/61952 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:20:26.651Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20141022 ESA-2014-087: EMC NetWorker Module for MEDITECH (NMMEDI) Information Disclosure Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0145.html"
},
{
"name": "1031116",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031116"
},
{
"name": "70726",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/70726"
},
{
"name": "emc-networker-cve20144620-info-disc(97756)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97756"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/128841/EMC-NetWorker-Module-For-MEDITECH-NMMEDI-Information-Disclosure.html"
},
{
"name": "61952",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61952"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The EMC NetWorker Module for MEDITECH (aka NMMEDI) 3.0 build 87 through 90, when EMC RecoverPoint and Plink are used, stores cleartext RecoverPoint Appliance credentials in nsrmedisv.raw log files, which allows local users to obtain sensitive information by reading these files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "20141022 ESA-2014-087: EMC NetWorker Module for MEDITECH (NMMEDI) Information Disclosure Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0145.html"
},
{
"name": "1031116",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031116"
},
{
"name": "70726",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/70726"
},
{
"name": "emc-networker-cve20144620-info-disc(97756)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97756"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/128841/EMC-NetWorker-Module-For-MEDITECH-NMMEDI-Information-Disclosure.html"
},
{
"name": "61952",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61952"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2014-4620",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The EMC NetWorker Module for MEDITECH (aka NMMEDI) 3.0 build 87 through 90, when EMC RecoverPoint and Plink are used, stores cleartext RecoverPoint Appliance credentials in nsrmedisv.raw log files, which allows local users to obtain sensitive information by reading these files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20141022 ESA-2014-087: EMC NetWorker Module for MEDITECH (NMMEDI) Information Disclosure Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0145.html"
},
{
"name": "1031116",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031116"
},
{
"name": "70726",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70726"
},
{
"name": "emc-networker-cve20144620-info-disc(97756)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97756"
},
{
"name": "http://packetstormsecurity.com/files/128841/EMC-NetWorker-Module-For-MEDITECH-NMMEDI-Information-Disclosure.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128841/EMC-NetWorker-Module-For-MEDITECH-NMMEDI-Information-Disclosure.html"
},
{
"name": "61952",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61952"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2014-4620",
"datePublished": "2014-10-25T10:00:00",
"dateReserved": "2014-06-24T00:00:00",
"dateUpdated": "2024-08-06T11:20:26.651Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15550 (GCVE-0-2017-15550)
Vulnerability from cvelistv5
Published
2018-01-05 17:00
Modified
2024-08-05 19:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Path traversal vulnerability
Summary
An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote authenticated malicious user with low privileges could access arbitrary files on the server file system in the context of the running vulnerable application via Path traversal.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1040070 | vdb-entry, x_refsource_SECTRACK | |
| http://seclists.org/fulldisclosure/2018/Jan/17 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/102358 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0, EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x, EMC Integrated Data Protection Appliance 2.0 |
Version: EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0, EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x, EMC Integrated Data Protection Appliance 2.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:26.996Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040070"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2018/Jan/17"
},
{
"name": "102358",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102358"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0, EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x, EMC Integrated Data Protection Appliance 2.0",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0, EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x, EMC Integrated Data Protection Appliance 2.0"
}
]
}
],
"datePublic": "2018-01-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote authenticated malicious user with low privileges could access arbitrary files on the server file system in the context of the running vulnerable application via Path traversal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Path traversal vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-06T10:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "1040070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040070"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://seclists.org/fulldisclosure/2018/Jan/17"
},
{
"name": "102358",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102358"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2017-15550",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0, EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x, EMC Integrated Data Protection Appliance 2.0",
"version": {
"version_data": [
{
"version_value": "EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0, EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x, EMC Integrated Data Protection Appliance 2.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote authenticated malicious user with low privileges could access arbitrary files on the server file system in the context of the running vulnerable application via Path traversal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Path traversal vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040070",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040070"
},
{
"name": "http://seclists.org/fulldisclosure/2018/Jan/17",
"refsource": "CONFIRM",
"url": "http://seclists.org/fulldisclosure/2018/Jan/17"
},
{
"name": "102358",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102358"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2017-15550",
"datePublished": "2018-01-05T17:00:00",
"dateReserved": "2017-10-17T00:00:00",
"dateUpdated": "2024-08-05T19:57:26.996Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0113 (GCVE-0-2002-0113)
Vulnerability from cvelistv5
Published
2002-03-15 05:00
Modified
2024-08-08 02:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
EMC NetWorker (formerly Legato NetWorker) before 7.0 stores log files in the /nsr/logs/ directory with world-readable permissions, which allows local users to read sensitive information and possibly gain privileges. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform.
References
| ▼ | URL | Tags |
|---|---|---|
| http://online.securityfocus.com/archive/1/249420 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/3840 | vdb-entry, x_refsource_BID | |
| http://www.iss.net/security_center/static/7897.php | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:35:17.596Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020110 Legato Vulnerable",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/249420"
},
{
"name": "3840",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3840"
},
{
"name": "legato-nsrd-log-permissions(7897)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/7897.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "EMC NetWorker (formerly Legato NetWorker) before 7.0 stores log files in the /nsr/logs/ directory with world-readable permissions, which allows local users to read sensitive information and possibly gain privileges. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-03-22T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020110 Legato Vulnerable",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/249420"
},
{
"name": "3840",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3840"
},
{
"name": "legato-nsrd-log-permissions(7897)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/7897.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0113",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EMC NetWorker (formerly Legato NetWorker) before 7.0 stores log files in the /nsr/logs/ directory with world-readable permissions, which allows local users to read sensitive information and possibly gain privileges. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020110 Legato Vulnerable",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/249420"
},
{
"name": "3840",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3840"
},
{
"name": "legato-nsrd-log-permissions(7897)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7897.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0113",
"datePublished": "2002-03-15T05:00:00",
"dateReserved": "2002-03-15T00:00:00",
"dateUpdated": "2024-08-08T02:35:17.596Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-0916 (GCVE-0-2016-0916)
Vulnerability from cvelistv5
Published
2016-06-10 01:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
EMC NetWorker 8.2.1.x and 8.2.2.x before 8.2.2.6 and 9.x before 9.0.0.6 mishandles authentication, which allows remote attackers to execute arbitrary commands by leveraging access to a different NetWorker instance.
References
| ▼ | URL | Tags |
|---|---|---|
| http://seclists.org/bugtraq/2016/Jun/43 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securitytracker.com/id/1036075 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.133Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20160608 ESA-2016-072: EMC NetWorker Remote Code Execution Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://seclists.org/bugtraq/2016/Jun/43"
},
{
"name": "1036075",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036075"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "EMC NetWorker 8.2.1.x and 8.2.2.x before 8.2.2.6 and 9.x before 9.0.0.6 mishandles authentication, which allows remote attackers to execute arbitrary commands by leveraging access to a different NetWorker instance."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-09T16:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "20160608 ESA-2016-072: EMC NetWorker Remote Code Execution Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://seclists.org/bugtraq/2016/Jun/43"
},
{
"name": "1036075",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036075"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2016-0916",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EMC NetWorker 8.2.1.x and 8.2.2.x before 8.2.2.6 and 9.x before 9.0.0.6 mishandles authentication, which allows remote attackers to execute arbitrary commands by leveraging access to a different NetWorker instance."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160608 ESA-2016-072: EMC NetWorker Remote Code Execution Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2016/Jun/43"
},
{
"name": "1036075",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036075"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2016-0916",
"datePublished": "2016-06-10T01:00:00",
"dateReserved": "2015-12-17T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.133Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15549 (GCVE-0-2017-15549)
Vulnerability from cvelistv5
Published
2018-01-05 17:00
Modified
2024-08-05 19:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Arbitrary file upload vulnerability
Summary
An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote authenticated malicious user with low privileges could potentially upload arbitrary maliciously crafted files in any location on the server file system.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1040070 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/102363 | vdb-entry, x_refsource_BID | |
| http://seclists.org/fulldisclosure/2018/Jan/17 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0, EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x, EMC Integrated Data Protection Appliance 2.0 |
Version: EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0, EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x, EMC Integrated Data Protection Appliance 2.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.025Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040070"
},
{
"name": "102363",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102363"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2018/Jan/17"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0, EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x, EMC Integrated Data Protection Appliance 2.0",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0, EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x, EMC Integrated Data Protection Appliance 2.0"
}
]
}
],
"datePublic": "2018-01-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote authenticated malicious user with low privileges could potentially upload arbitrary maliciously crafted files in any location on the server file system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary file upload vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-06T10:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "1040070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040070"
},
{
"name": "102363",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102363"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://seclists.org/fulldisclosure/2018/Jan/17"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2017-15549",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0, EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x, EMC Integrated Data Protection Appliance 2.0",
"version": {
"version_data": [
{
"version_value": "EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0, EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x, EMC Integrated Data Protection Appliance 2.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote authenticated malicious user with low privileges could potentially upload arbitrary maliciously crafted files in any location on the server file system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary file upload vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040070",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040070"
},
{
"name": "102363",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102363"
},
{
"name": "http://seclists.org/fulldisclosure/2018/Jan/17",
"refsource": "CONFIRM",
"url": "http://seclists.org/fulldisclosure/2018/Jan/17"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2017-15549",
"datePublished": "2018-01-05T17:00:00",
"dateReserved": "2017-10-17T00:00:00",
"dateUpdated": "2024-08-05T19:57:27.025Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0910 (GCVE-0-2001-0910)
Vulnerability from cvelistv5
Published
2002-02-02 05:00
Modified
2024-08-08 04:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Legato Networker before 6.1 allows remote attackers to bypass access restrictions and gain privileges on the Networker interface by spoofing the admin server name and IP address and connecting to Networker from an IP address whose hostname can not be determined by a DNS reverse lookup.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/3564 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/7601 | vdb-entry, x_refsource_XF | |
| http://marc.info/?l=bugtraq&m=100638782917917&w=2 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:37:06.732Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3564",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3564"
},
{
"name": "networker-reverse-dns-bypass-auth(7601)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7601"
},
{
"name": "20011121 Legato Networker vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=100638782917917\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-11-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Legato Networker before 6.1 allows remote attackers to bypass access restrictions and gain privileges on the Networker interface by spoofing the admin server name and IP address and connecting to Networker from an IP address whose hostname can not be determined by a DNS reverse lookup."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3564",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3564"
},
{
"name": "networker-reverse-dns-bypass-auth(7601)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7601"
},
{
"name": "20011121 Legato Networker vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=100638782917917\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0910",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Legato Networker before 6.1 allows remote attackers to bypass access restrictions and gain privileges on the Networker interface by spoofing the admin server name and IP address and connecting to Networker from an IP address whose hostname can not be determined by a DNS reverse lookup."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3564",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3564"
},
{
"name": "networker-reverse-dns-bypass-auth(7601)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7601"
},
{
"name": "20011121 Legato Networker vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=100638782917917\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0910",
"datePublished": "2002-02-02T05:00:00",
"dateReserved": "2002-01-31T00:00:00",
"dateUpdated": "2024-08-08T04:37:06.732Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1421 (GCVE-0-2011-1421)
Vulnerability from cvelistv5
Published
2011-04-22 10:00
Modified
2024-08-06 22:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
EMC NetWorker 7.5.x before 7.5.4.3 and 7.6.x before 7.6.1.5, when the client push feature is enabled, uses weak permissions for an unspecified file, which allows local users to gain privileges via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2011/1025 | vdb-entry, x_refsource_VUPEN | |
| http://securitytracker.com/id?1025383 | vdb-entry, x_refsource_SECTRACK | |
| http://securityreason.com/securityalert/8214 | third-party-advisory, x_refsource_SREASON | |
| http://www.securityfocus.com/archive/1/517532/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/47410 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/44237 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:28:41.485Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2011-1025",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/1025"
},
{
"name": "1025383",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025383"
},
{
"name": "8214",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8214"
},
{
"name": "20110418 ESA-2011-013: EMC NetWorker arbitrary code execution with elevated privileges vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/517532/100/0/threaded"
},
{
"name": "47410",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/47410"
},
{
"name": "44237",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44237"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-04-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "EMC NetWorker 7.5.x before 7.5.4.3 and 7.6.x before 7.6.1.5, when the client push feature is enabled, uses weak permissions for an unspecified file, which allows local users to gain privileges via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "ADV-2011-1025",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/1025"
},
{
"name": "1025383",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025383"
},
{
"name": "8214",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8214"
},
{
"name": "20110418 ESA-2011-013: EMC NetWorker arbitrary code execution with elevated privileges vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/517532/100/0/threaded"
},
{
"name": "47410",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/47410"
},
{
"name": "44237",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44237"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2011-1421",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EMC NetWorker 7.5.x before 7.5.4.3 and 7.6.x before 7.6.1.5, when the client push feature is enabled, uses weak permissions for an unspecified file, which allows local users to gain privileges via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2011-1025",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/1025"
},
{
"name": "1025383",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025383"
},
{
"name": "8214",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8214"
},
{
"name": "20110418 ESA-2011-013: EMC NetWorker arbitrary code execution with elevated privileges vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/517532/100/0/threaded"
},
{
"name": "47410",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/47410"
},
{
"name": "44237",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44237"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2011-1421",
"datePublished": "2011-04-22T10:00:00",
"dateReserved": "2011-03-14T00:00:00",
"dateUpdated": "2024-08-06T22:28:41.485Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}