Vulnerabilities > EMC > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-21 | CVE-2016-6650 | Information Exposure vulnerability in EMC Recoverpoint and Recoverpoint for Virtual Machines EMC RecoverPoint versions prior to 5.0 and EMC RecoverPoint for Virtual Machines versions prior to 5.0 have an SSL Stripping Vulnerability that may potentially be exploited by malicious users to compromise the affected system. | 2.6 |
| 2017-02-03 | CVE-2016-6648 | Permission Issues vulnerability in EMC Recoverpoint and Recoverpoint for Virtual Machines EMC RecoverPoint versions before 4.4.1.1 and EMC RecoverPoint for Virtual Machines versions before 5.0 are affected by sensitive information disclosure vulnerability as a result of incorrect permissions set on a sensitive system file. | 2.1 |
| 2017-01-06 | CVE-2016-9868 | 7PK - Security Features vulnerability in EMC Scaleio An issue was discovered in EMC ScaleIO versions before 2.0.1.1. | 2.1 |
| 2017-01-06 | CVE-2016-9869 | Permission Issues vulnerability in EMC Scaleio An issue was discovered in EMC ScaleIO versions before 2.0.1.1. | 2.1 |
| 2016-09-30 | CVE-2016-6647 | Cross-site Scripting vulnerability in EMC Vipr SRM 3.6.0/3.6.4/4.0 Cross-site scripting (XSS) vulnerability in EMC ViPR SRM before 4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
| 2016-09-21 | CVE-2016-0925 | Cross-site Scripting vulnerability in EMC RSA Adaptive Authentication On-Premise Cross-site scripting (XSS) vulnerability in the Case Management application in EMC RSA Adaptive Authentication (On-Premise) before 6.0.2.1.SP3.P4 HF210, 7.0.x and 7.1.x before 7.1.0.0.SP0.P6 HF50, and 7.2.x before 7.2.0.0.SP0.P0 HF20 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
| 2016-09-18 | CVE-2016-6641 | Cross-site Scripting vulnerability in EMC Vipr SRM 3.6.0/3.6.4 Cross-site scripting (XSS) vulnerability in EMC ViPR SRM before 3.7.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
| 2016-07-04 | CVE-2016-0899 | Information Exposure vulnerability in EMC RSA Archer Egrc EMC RSA Archer GRC 5.5.x before 5.5.3.4 allows remote authenticated users to read the web.config.bak file, and obtain sensitive credential information, by modifying the IIS configuration to set a Content-Type header for .bak files. | 3.5 |
| 2015-11-18 | CVE-2015-6847 | Information Exposure vulnerability in EMC Vplex Geosynchrony 5.4 The default configuration of EMC VPLEX GeoSynchrony 5.4 SP1 before P3 stores cleartext NAVISPHERE GUI passwords in a log file, which allows local users to obtain sensitive information by reading this file. | 2.1 |
| 2015-09-26 | CVE-2015-4540 | Cross-site Scripting vulnerability in EMC RSA Identity Management and Governance Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Identity Management & Governance (IMG) before 6.8.1 P18 and 6.9.x before 6.9.1 P6 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |