Vulnerabilities > CVE-2018-15764 - Unspecified vulnerability in EMC Esrs Policy Manager 6.7/6.8

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

emc

critical

NVD

Published: 2018-09-28

Updated: 2019-10-09

Summary

Dell EMC ESRS Policy Manager versions 6.8 and prior contain a remote code execution vulnerability due to improper configurations of triggered JMX services. A remote unauthenticated attacker may potentially exploit this vulnerability to execute arbitrary code in the server's JVM.

Vulnerable Configurations

Part	Description	Count
Application	Emc EMC Esrs Policy Manager 6.7 EMC Esrs Policy Manager 6.8	2

References

https://seclists.org/fulldisclosure/2018/Sep/47
http://www.securitytracker.com/id/1041714
http://www.securityfocus.com/bid/105405