Vulnerabilities > EMC

DATE CVE VULNERABILITY TITLE RISK
2018-11-13 CVE-2018-15771 Information Exposure vulnerability in EMC Recoverpoint and Recoverpoint for Virtual Machines
Dell EMC RecoverPoint versions prior to 5.1.2.1 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an information disclosure vulnerability.
local
low complexity
emc CWE-200
5.5
2018-10-18 CVE-2018-11080 Incorrect Permission Assignment for Critical Resource vulnerability in EMC Secure Remote Services
Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains Improper File Permission Vulnerabilities.
local
low complexity
emc CWE-732
7.8
2018-10-18 CVE-2018-11079 Insufficiently Protected Credentials vulnerability in EMC Secure Remote Services
Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains a Plaintext Password Storage vulnerability.
local
low complexity
emc CWE-522
7.8
2018-09-28 CVE-2018-15764 Unspecified vulnerability in EMC Esrs Policy Manager 6.7/6.8
Dell EMC ESRS Policy Manager versions 6.8 and prior contain a remote code execution vulnerability due to improper configurations of triggered JMX services.
network
low complexity
emc
critical
9.8
2018-09-28 CVE-2018-11075 Cross-site Scripting vulnerability in multiple products
RSA Authentication Manager versions prior to 8.3 P3 contain a reflected cross-site scripting vulnerability in a Security Console page.
network
high complexity
rsa emc CWE-79
4.7
2018-09-28 CVE-2018-11074 Cross-site Scripting vulnerability in multiple products
RSA Authentication Manager versions prior to 8.3 P3 are affected by a DOM-based cross-site scripting vulnerability which exists in its embedded MadCap Flare Help files.
network
low complexity
rsa emc CWE-79
6.1
2018-09-28 CVE-2018-11073 Cross-site Scripting vulnerability in multiple products
RSA Authentication Manager versions prior to 8.3 P3 contain a stored cross-site scripting vulnerability in the Operations Console.
network
low complexity
rsa emc CWE-79
4.8
2018-09-18 CVE-2018-11071 Improper Input Validation vulnerability in EMC Isilon Onefs and Isilonsd Edge
Dell EMC Isilon OneFS versions 7.1.1.x, 7.2.1.x, 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 and Dell EMC IsilonSD Edge versions 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 contain a remote process crash vulnerability.
network
low complexity
emc CWE-20
7.5
2018-08-24 CVE-2018-11061 Unspecified vulnerability in EMC RSA Netwitness and RSA Security Analytics
RSA NetWitness Platform versions prior to 11.1.0.2 and RSA Security Analytics versions prior to 10.6.6 are vulnerable to a server-side template injection vulnerability due to insecure configuration of the template engine used in the product.
network
low complexity
emc
critical
9.1
2018-07-13 CVE-2018-1255 Cross-site Scripting vulnerability in EMC RSA Identity Governance and Lifecycle 7.0.1/7.0.2/7.1.0
RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains a reflected cross-site scripting vulnerability.
network
low complexity
emc CWE-79
6.1