Vulnerabilities > EMC
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-07-17 | CVE-2017-8000 | Cross-site Scripting vulnerability in EMC RSA Authentication Manager In EMC RSA Authentication Manager 8.2 SP1 and earlier, a malicious RSA Security Console Administrator could craft a token profile and store the profile name in the RSA Authentication Manager database. | 4.8 |
2017-07-09 | CVE-2017-8003 | Path Traversal vulnerability in EMC Data Protection Advisor EMC Data Protection Advisor prior to 6.4 contains a path traversal vulnerability. | 4.9 |
2017-07-09 | CVE-2017-8002 | SQL Injection vulnerability in EMC Data Protection Advisor EMC Data Protection Advisor prior to 6.4 contains multiple blind SQL injection vulnerabilities. | 8.8 |
2017-07-09 | CVE-2017-4976 | Use of Hard-coded Credentials vulnerability in EMC Esrs Policy Manager 6.7 EMC ESRS Policy Manager prior to 6.8 contains an undocumented account (OpenDS admin) with a default password. | 9.8 |
2017-07-07 | CVE-2017-5002 | Open Redirect vulnerability in EMC RSA Archer Egrc EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an open redirect vulnerability. | 6.1 |
2017-07-07 | CVE-2017-5001 | Information Exposure vulnerability in EMC RSA Archer Egrc EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an information exposure through an error message vulnerability. | 4.3 |
2017-07-07 | CVE-2017-5000 | Information Exposure vulnerability in EMC RSA Archer Egrc EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an information exposure through an error message vulnerability. | 4.3 |
2017-07-07 | CVE-2017-4999 | Information Exposure vulnerability in EMC RSA Archer Egrc EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an authorization bypass through user-controlled key vulnerability in Discussion Forum Messages. | 6.5 |
2017-07-07 | CVE-2017-4998 | Cross-Site Request Forgery (CSRF) vulnerability in EMC RSA Archer Egrc EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is potentially affected by a cross-site request forgery vulnerability. | 8.8 |
2017-06-21 | CVE-2017-4990 | Unrestricted Upload of File with Dangerous Type vulnerability in EMC Avamar Server In EMC Avamar Server Software 7.4.1-58, 7.4.0-242, 7.3.1-125, 7.3.0-233, 7.3.0-226, an unauthorized attacker may leverage the file upload feature of the system maintenance page to load a maliciously crafted file to any directory which could allow the attacker to execute arbitrary code on the Avamar Server system. | 9.8 |