Vulnerabilities > EMC > Appsync
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-27 | CVE-2023-32458 | Improper Access Control vulnerability in EMC Appsync Dell AppSync, versions 4.4.0.0 to 4.6.0.0 including Service Pack releases, contains an improper access control vulnerability in Embedded Service Enabler component. | 7.8 |
| 2017-11-01 | CVE-2017-14376 | Use of Hard-coded Credentials vulnerability in EMC Appsync 2.0/3.0.0/3.5 EMC AppSync Server prior to 3.5.0.1 contains database accounts with hardcoded passwords that could potentially be exploited by malicious users to compromise the affected system. | 7.2 |
| 2017-10-03 | CVE-2017-8018 | Improper Input Validation vulnerability in EMC Appsync 2.0/3.0.0/3.5 EMC AppSync host plug-in versions 3.5 and below (Windows platform only) includes a denial of service (DoS) vulnerability that could potentially be exploited by malicious users to compromise the affected system. | 5.0 |
| 2017-09-12 | CVE-2017-8015 | SQL Injection vulnerability in EMC Appsync 2.0/3.0.0 EMC AppSync (all versions prior to 3.5) contains a SQL injection vulnerability that could potentially be exploited by malicious users to compromise the affected system. | 7.5 |
| 2014-12-30 | CVE-2014-4634 | Local Privilege Escalation vulnerability in EMC Replication Manager and AppSync Unquoted Windows search path vulnerability in EMC Replication Manager through 5.5.2 and AppSync before 2.1.0 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character. | 4.6 |