Vulnerabilities > EMC
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-03 | CVE-2018-11051 | Path Traversal vulnerability in EMC RSA Certificate Manager 6.9 RSA Certificate Manager Versions 6.9 build 560 through 6.9 build 564 contain a path traversal vulnerability in the RSA CMP Enroll Server and the RSA REST Enroll Server. | 5.0 |
| 2018-06-21 | CVE-2018-1254 | Cross-site Scripting vulnerability in EMC RSA Authentication Manager 8.0/8.3 RSA Authentication Manager Security Console, versions 8.3 P1 and earlier, contains a reflected cross-site scripting vulnerability. | 4.3 |
| 2018-06-21 | CVE-2018-1253 | Cross-site Scripting vulnerability in EMC RSA Authentication Manager RSA Authentication Manager Operation Console, versions 8.3 P1 and earlier, contains a stored cross-site scripting vulnerability. | 4.3 |
| 2018-05-29 | CVE-2018-1242 | OS Command Injection vulnerability in EMC Recoverpoint and Recoverpoint FOR Virtual Machines Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contains a command injection vulnerability in the Boxmgmt CLI. | 4.0 |
| 2018-05-29 | CVE-2018-1241 | Information Exposure Through Log Files vulnerability in EMC Recoverpoint and Recoverpoint for Virtual Machines Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, under certain conditions, may leak LDAP password in plain-text into the RecoverPoint log file. | 4.0 |
| 2018-05-29 | CVE-2018-1235 | OS Command Injection vulnerability in EMC Recoverpoint and Recoverpoint for Virtual Machines Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contain a command injection vulnerability. | 10.0 |
| 2018-04-18 | CVE-2018-1240 | Information Exposure vulnerability in EMC Vipr Controller 3.0.0.39 Dell EMC ViPR Controller, versions after 3.0.0.38, contain an information exposure vulnerability in the VRRP. | 2.7 |
| 2018-03-16 | CVE-2017-8013 | Use of Hard-coded Credentials vulnerability in EMC Data Protection Advisor 6.3.0/6.4.0 EMC Data Protection Advisor 6.3.x before patch 67 and 6.4.x before patch 130 contains undocumented accounts with hard-coded passwords and various privileges. | 7.5 |
| 2018-03-12 | CVE-2018-1206 | Use of Hard-coded Credentials vulnerability in EMC Data Protection Advisor 6.3.0/6.4.0 Dell EMC Data Protection Advisor versions prior to 6.3 Patch 159 and Dell EMC Data Protection Advisor versions prior to 6.4 Patch 110 contain a hardcoded database account with administrative privileges. | 7.2 |
| 2018-03-08 | CVE-2018-1220 | Open Redirect vulnerability in EMC RSA Archer EMC RSA Archer, versions prior to 6.2.0.8, contains a redirect vulnerability in the QuickLinks feature. | 5.8 |