Vulnerabilities > EMC
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-04-22 | CVE-2011-1421 | Permissions, Privileges, and Access Controls vulnerability in EMC Networker EMC NetWorker 7.5.x before 7.5.4.3 and 7.6.x before 7.6.1.5, when the client push feature is enabled, uses weak permissions for an unspecified file, which allows local users to gain privileges via unknown vectors. | 6.9 |
2011-03-28 | CVE-2011-1420 | Permissions, Privileges, and Access Controls vulnerability in multiple products EMC Data Protection Advisor Collector 5.7 and 5.7.1 on Solaris SPARC platforms uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors. | 7.2 |
2011-03-16 | CVE-2011-0648 | Remote Privilege Escalation vulnerability in EMC Avamar (CVE-2011-0648) Unspecified vulnerability in EMC Avamar before 5.0.4-30 allows remote authenticated users to gain privileges via unknown vectors. network emc | 8.5 |
2011-03-16 | CVE-2011-0442 | Cryptographic Issues vulnerability in EMC Avamar The service utility in EMC Avamar 5.x before 5.0.4 uses cleartext to transmit event details in (1) service requests and (2) e-mail messages, which might allow remote attackers to obtain sensitive information by sniffing the network. | 3.5 |
2011-02-10 | CVE-2011-0647 | Improper Input Validation vulnerability in EMC Networker Module and Replication Manager The irccd.exe service in EMC Replication Manager Client before 5.3 and NetWorker Module for Microsoft Applications 2.1.x and 2.2.x allows remote attackers to execute arbitrary commands via the RunProgram function to TCP port 6542. | 10.0 |
2011-02-01 | CVE-2011-0321 | Permissions, Privileges, and Access Controls vulnerability in EMC Networker librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to (1) register or (2) unregister RPC services, and consequently cause a denial of service or obtain sensitive information from interprocess communication, via crafted UDP packets containing service commands. | 6.4 |
2010-08-05 | CVE-2010-2860 | Permissions, Privileges, and Access Controls vulnerability in EMC Celerra Network Attached Storage The EMC Celerra Network Attached Storage (NAS) appliance accepts external network traffic to IP addresses intended for an intranet network within the appliance, which allows remote attackers to read, create, or modify arbitrary files in the user data directory via NFS requests. | 9.3 |
2010-08-02 | CVE-2010-2633 | Remote Denial of Service vulnerability in EMC Disk Library Communication Module Unspecified vulnerability in EMC Disk Library (EDL) before 3.2.7, 3.3.x before 3.3.2 epatch 8, and 4.0.x before 4.0.1 epatch 4 allows remote attackers to cause a denial of service (communication-module crash) by sending a crafted message through TCP. | 7.8 |
2010-06-07 | CVE-2010-1904 | SQL Injection vulnerability in EMC RSA KEY Manager Client 1.5.0 SQL injection vulnerability in EMC RSA Key Manager (RKM) C Client 1.5.x allows user-assisted remote attackers to execute arbitrary SQL commands via the metadata section of encrypted key data. | 6.8 |
2010-05-28 | CVE-2010-1919 | Denial of Service vulnerability in EMC Avamar 4.0/4.1/5.0 Unspecified vulnerability in EMC Avamar 4.1.x and 5.0 before SP1 allows remote attackers to cause a denial of service (gsan service hang) by sending a crafted message using TCP. network emc | 7.1 |