Vulnerabilities > EMC > Networker
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-05 | CVE-2017-15550 | Path Traversal vulnerability in EMC products An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. | 9.0 |
| 2018-01-05 | CVE-2017-15549 | Unrestricted Upload of File with Dangerous Type vulnerability in EMC products An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. | 9.0 |
| 2018-01-05 | CVE-2017-15548 | Improper Authentication vulnerability in EMC products An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. | 10.0 |
| 2017-10-18 | CVE-2017-8022 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in EMC Networker An issue was discovered in EMC NetWorker (prior to 8.2.4.9, all supported 9.0.x versions, prior to 9.1.1.3, prior to 9.2.0.4). | 6.8 |
| 2016-06-10 | CVE-2016-0916 | Improper Authentication vulnerability in EMC Networker EMC NetWorker 8.2.1.x and 8.2.2.x before 8.2.2.6 and 9.x before 9.0.0.6 mishandles authentication, which allows remote attackers to execute arbitrary commands by leveraging access to a different NetWorker instance. | 10.0 |
| 2015-12-05 | CVE-2015-6849 | Improper Input Validation vulnerability in EMC Networker EMC NetWorker before 8.0.4.5, 8.1.x before 8.1.3.6, 8.2.x before 8.2.2.2, and 9.0 before build 407 allows remote attackers to cause a denial of service (process outage) via malformed RPC authentication messages. | 7.8 |
| 2015-04-17 | CVE-2015-0530 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in EMC Networker Buffer overflow in an unspecified function in nsr_render_log in EMC NetWorker before 8.0.4.3, 8.1.x before 8.1.2.6, and 8.2.x before 8.2.1.2 allows local users to gain privileges via unknown vectors. | 7.2 |
| 2014-10-25 | CVE-2014-4620 | Information Exposure vulnerability in multiple products The EMC NetWorker Module for MEDITECH (aka NMMEDI) 3.0 build 87 through 90, when EMC RecoverPoint and Plink are used, stores cleartext RecoverPoint Appliance credentials in nsrmedisv.raw log files, which allows local users to obtain sensitive information by reading these files. | 2.1 |
| 2013-11-02 | CVE-2013-3285 | Cryptographic Issues vulnerability in EMC Networker The NetWorker Management Console (NMC) in EMC NetWorker 8.0.x before 8.0.2.3, when using Active Directory/LDAP for authentication, allows remote authenticated users to discover cleartext administrator passwords via (1) unspecified NMC audit reports or (2) requests to RAP resources. | 3.5 |
| 2013-07-31 | CVE-2013-0943 | Information Exposure vulnerability in EMC Networker EMC NetWorker 7.6.x and 8.x before 8.1 allows local users to obtain sensitive configuration information by leveraging operating-system privileges to perform decryption with nsradmin. | 4.6 |