Vulnerabilities > CVE-2017-8012 - Unspecified vulnerability in Dell products

CVSS 7.4 - HIGH

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

HIGH

network

high complexity

dell

NVD

Published: 2017-09-22

Updated: 2021-09-13

Summary

In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Java Management Extensions (JMX) protocol used to communicate between components in the Alerting and/or Compliance components can be leveraged to create a denial of service (DoS) condition. Attackers with knowledge of JMX agent user credentials could potentially exploit this vulnerability to create arbitrary files on the affected system and create a DoS condition by leveraging inherent JMX protocol capabilities.

Vulnerable Configurations

Part	Description	Count
Application	Dell Dell EMC Vipr SRM - Dell EMC Vipr SRM 3.7 Dell EMC Vipr SRM 3.7.1 Dell EMC Vipr SRM 3.7.2 Dell EMC Vipr SRM 4.0 Dell EMC Vipr SRM 4.0.1 Dell EMC Vipr SRM 4.0.2 Dell EMC Storage Monitoring AND Reporting * Dell EMC VNX Monitoring AND Reporting * Dell EMC M&R *	11

Summary

Vulnerable Configurations

References