Vulnerabilities > EMC > Appsync > 3.0.0

DATE CVE VULNERABILITY TITLE RISK
2017-11-01 CVE-2017-14376 Use of Hard-coded Credentials vulnerability in EMC Appsync
EMC AppSync Server prior to 3.5.0.1 contains database accounts with hardcoded passwords that could potentially be exploited by malicious users to compromise the affected system.
local
low complexity
emc CWE-798
7.8
7.8
2017-10-03 CVE-2017-8018 Improper Input Validation vulnerability in EMC Appsync 2.0/3.0.0/3.5
EMC AppSync host plug-in versions 3.5 and below (Windows platform only) includes a denial of service (DoS) vulnerability that could potentially be exploited by malicious users to compromise the affected system.
network
low complexity
emc CWE-20
7.5
7.5
2017-09-12 CVE-2017-8015 SQL Injection vulnerability in EMC Appsync 2.0/3.0.0
EMC AppSync (all versions prior to 3.5) contains a SQL injection vulnerability that could potentially be exploited by malicious users to compromise the affected system.
network
low complexity
emc CWE-89
critical
 9.8
9.8