Vulnerabilities > EMC > High

DATE CVE VULNERABILITY TITLE RISK
2015-08-20 CVE-2015-4535 Permissions, Privileges, and Access Controls vulnerability in EMC Documentum Content Server
Java Method Server (JMS) in EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P02, when __debug_trace__ is configured, allows remote authenticated users to gain super-user privileges by leveraging the ability to read a log file containing a login ticket.
network
emc CWE-264
7.5
2015-07-23 CVE-2015-4527 Information Exposure vulnerability in EMC Avamar Server and Avamar Server Virtual Edition
Directory traversal vulnerability in EMC Avamar Server 7.x before 7.1.2 and Avamar Virtual Edition (AVE) 7.x before 7.1.2 allows remote attackers to read arbitrary files by using the Avamar Desktop/Laptop client interface to send crafted parameters.
network
low complexity
emc CWE-200
7.8
2015-07-10 CVE-2015-4526 Improper Access Control vulnerability in EMC RecoverPoint for Virtual Machines 4.2
EMC RecoverPoint for Virtual Machines (VMs) 4.2 allows local users to obtain root-shell access by bypassing the Installation Manager Boxmgmt CLI interface.
local
low complexity
emc CWE-284
7.2
2015-06-28 CVE-2015-0550 Path Traversal vulnerability in EMC Documentum Thumbnail Server
Directory traversal vulnerability in EMC Documentum Thumbnail Server 6.7SP1 before P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P01 allows remote attackers to bypass intended Content Server access restrictions via unspecified vectors.
network
low complexity
emc CWE-22
8.5
2015-05-01 CVE-2015-0532 Permissions, Privileges, and Access Controls vulnerability in EMC RSA Identity Management and Governance 6.9.0/6.9.1
EMC RSA Identity Management and Governance (IMG) 6.9 before P04 and 6.9.1 before P01 does not properly restrict password resets, which allows remote attackers to obtain access via crafted use of the reset process for an arbitrary valid account name, as demonstrated by a privileged account.
network
low complexity
emc CWE-264
7.5
2015-04-17 CVE-2015-0530 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in EMC NetWorker
Buffer overflow in an unspecified function in nsr_render_log in EMC NetWorker before 8.0.4.3, 8.1.x before 8.1.2.6, and 8.2.x before 8.2.1.2 allows local users to gain privileges via unknown vectors.
local
low complexity
emc CWE-119
7.2
2015-03-29 CVE-2015-0528 Permissions, Privileges, and Access Controls vulnerability in EMC Isilon OneFS
The RPC daemon in EMC Isilon OneFS 6.5.x and 7.0.x before 7.0.2.13, 7.1.0 before 7.1.0.6, 7.1.1 before 7.1.1.2, and 7.2.0 before 7.2.0.1 allows local users to gain privileges by leveraging an ability to modify system files.
local
low complexity
emc CWE-264
7.2
2015-03-12 CVE-2015-0525 OS Command Injection vulnerability in EMC Secure Remote Services 3.02/3.03
The Gateway Provisioning service in EMC Secure Remote Services Virtual Edition (ESRS VE) 3.02 and 3.03 allows remote attackers to execute arbitrary OS commands via unspecified vectors.
network
low complexity
emc CWE-78
7.5
2015-03-12 CVE-2015-0524 SQL Injection vulnerability in EMC Secure Remote Services 3.02/3.03
SQL injection vulnerability in the Gateway Provisioning service in EMC Secure Remote Services Virtual Edition (ESRS VE) 3.02 and 3.03 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
emc CWE-89
7.5
2015-03-12 CVE-2015-0523 Improper Input Validation vulnerability in EMC RSA Certificate Manager and RSA Registration Manager
EMC RSA Certificate Manager (RCM) before 6.9 build 558 and RSA Registration Manager (RRM) before 6.9 build 558 allow remote attackers to cause an Administration Server denial of service via an invalid MIME e-mail message with a multipart/* Content-Type header.
network
low complexity
emc CWE-20
7.8