Vulnerabilities > EMC > Networker > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-01-05 CVE-2017-15548 Improper Authentication vulnerability in EMC products
An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0.
network
low complexity
emc CWE-287
critical
 10.0
10
2018-01-05 CVE-2017-15549 Unrestricted Upload of File with Dangerous Type vulnerability in EMC products
An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0.
network
low complexity
emc CWE-434
critical
 9.0
9.0
2018-01-05 CVE-2017-15550 Path Traversal vulnerability in EMC products
An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0.
network
low complexity
emc CWE-22
critical
 9.0
9.0
2016-06-10 CVE-2016-0916 Improper Authentication vulnerability in EMC Networker
EMC NetWorker 8.2.1.x and 8.2.2.x before 8.2.2.6 and 9.x before 9.0.0.6 mishandles authentication, which allows remote attackers to execute arbitrary commands by leveraging access to a different NetWorker instance.
network
low complexity
emc CWE-287
critical
 10.0
10
2013-01-17 CVE-2012-4607 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in EMC Networker
Buffer overflow in nsrindexd in EMC NetWorker 7.5.x and 7.6.x before 7.6.5, and 8.x before 8.0.0.6, allows remote attackers to execute arbitrary code via crafted SunRPC data.
network
emc CWE-119
critical
 9.3
9.3
2012-09-04 CVE-2012-2288 USE of Externally-Controlled Format String vulnerability in EMC Networker 7.6.3/7.6.4/8.0
Format string vulnerability in the nsrd RPC service in EMC NetWorker 7.6.3 and 7.6.4 before 7.6.4.1, and 8.0 before 8.0.0.1, allows remote attackers to execute arbitrary code via format string specifiers in a message.
network
emc CWE-134
critical
 9.3
9.3
2012-01-27 CVE-2012-0395 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in EMC Networker
Buffer overflow in the server in EMC NetWorker 7.5.x and 7.6.x before 7.6.3 SP1 Cumulative Release build 851 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors.
network
emc CWE-119
critical
 9.3
9.3
2007-03-02 CVE-2006-3892 Remote Authentication Bypass vulnerability in EMC Networker 7.3.2
The Management Console server in EMC NetWorker (formerly Legato NetWorker) 7.3.2 before Jumbo Update 1 uses weak authentication, which allows remote attackers to execute arbitrary commands.
network
low complexity
emc
critical
 10.0
10