Vulnerabilities > EMC > Atmos
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-09-04 | CVE-2015-4538 | XML External Entity Injection vulnerability in EMC Atmos 2.2.3/2.3.0 The XML parser in EMC Atmos before 2.2.3.426 and 2.3.x before 2.3.1.0 allows remote authenticated users to read arbitrary files or cause a denial of service (CPU and memory consumption) via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | 7.5 |
2013-10-16 | CVE-2013-3279 | Credentials Management vulnerability in EMC Atmos 2.1.3 EMC Atmos before 2.1.4 has a blank password for the PostgreSQL account, which allows remote attackers to obtain sensitive administrative information via a database-server connection. | 5.0 |