Vulnerabilities > EMC > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-09-19 | CVE-2011-1740 | Permissions, Privileges, and Access Controls vulnerability in EMC Avamar EMC Avamar 4.x, 5.0.x, and 6.0.x before 6.0.0-592 allows remote authenticated users to modify client data or obtain sensitive information about product activities by leveraging privileged access to a different domain. | 7.7 |
| 2011-08-23 | CVE-2011-2735 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in EMC Autostart 5.3/5.4 Multiple buffer overflows in EMC AutoStart 5.3.x and 5.4.x before 5.4.1 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by sending a crafted message over TCP. | 7.9 |
| 2011-08-18 | CVE-2011-2733 | Improper Authentication vulnerability in EMC RSA Adaptive Authentication On-Premise 6.0.2.1 EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not prevent reuse of authentication information during a session, which allows remote authenticated users to bypass intended access restrictions via vectors related to knowledge of the originally used authentication information and unspecified other session information. | 7.5 |
| 2011-03-28 | CVE-2011-1420 | Permissions, Privileges, and Access Controls vulnerability in multiple products EMC Data Protection Advisor Collector 5.7 and 5.7.1 on Solaris SPARC platforms uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors. | 7.2 |
| 2011-03-16 | CVE-2011-0648 | Remote Privilege Escalation vulnerability in EMC Avamar (CVE-2011-0648) Unspecified vulnerability in EMC Avamar before 5.0.4-30 allows remote authenticated users to gain privileges via unknown vectors. network emc | 8.5 |
| 2010-08-02 | CVE-2010-2633 | Remote Denial of Service vulnerability in EMC Disk Library Communication Module Unspecified vulnerability in EMC Disk Library (EDL) before 3.2.7, 3.3.x before 3.3.2 epatch 8, and 4.0.x before 4.0.1 epatch 4 allows remote attackers to cause a denial of service (communication-module crash) by sending a crafted message through TCP. | 7.8 |
| 2010-05-28 | CVE-2010-1919 | Denial of Service vulnerability in EMC Avamar 4.0/4.1/5.0 Unspecified vulnerability in EMC Avamar 4.1.x and 5.0 before SP1 allows remote attackers to cause a denial of service (gsan service hang) by sending a crafted message using TCP. network emc | 7.1 |
| 2009-02-20 | CVE-2008-6219 | Resource Management Errors vulnerability in EMC products nsrexecd.exe in multiple EMC Networker products including EMC NetWorker Server, Storage Node, and Client 7.3.x and 7.4, 7.4.1, 7.4.2, Client and Storage Node for Open VMS 7.3.2 ECO6 and earlier, Module for Microsoft Exchange 5.1 and earlier, Module for Microsoft Applications 2.0 and earlier, Module for Meditech 2.0 and earlier, and PowerSnap 2.4 SP1 and earlier does not properly control the allocation of memory, which allows remote attackers to cause a denial of service (memory exhaustion) via multiple crafted RPC requests. | 7.8 |
| 2008-12-10 | CVE-2008-5420 | Information Exposure vulnerability in EMC Control Center 5.2/6.0 The SAN Manager Master Agent service (aka msragent.exe) in EMC Control Center before 6.1 does not properly authenticate SST_SENDFILE requests, which allows remote attackers to read arbitrary files. | 7.8 |
| 2008-07-30 | CVE-2008-3370 | SQL Injection vulnerability in EMC Centera Universal Access 4.04735 SQL injection vulnerability in the CUA Login Module in EMC Centera Universal Access (CUA) 4.0_4735.p4 allows remote attackers to execute arbitrary SQL commands via the user (user name) field. | 7.5 |