Vulnerabilities > EMC > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-10-25 | CVE-2014-4620 | Information Exposure vulnerability in multiple products The EMC NetWorker Module for MEDITECH (aka NMMEDI) 3.0 build 87 through 90, when EMC RecoverPoint and Plink are used, stores cleartext RecoverPoint Appliance credentials in nsrmedisv.raw log files, which allows local users to obtain sensitive information by reading these files. | 2.1 |
| 2014-07-01 | CVE-2014-2512 | Cross-Site Scripting vulnerability in EMC Documentum Eroom 7.4.3/7.4.4 Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum eRoom 7.4.3, 7.4.4 before P19, and 7.4.4 SP1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
| 2014-03-06 | CVE-2014-0624 | Unspecified vulnerability in EMC RSA Data Loss Prevention 9.0/9.5/9.6 EMC RSA Data Loss Prevention (DLP) 9.x before 9.6-SP2 does not properly manage sessions, which allows remote authenticated users to gain privileges and bypass intended content-reading restrictions via unspecified vectors. low complexity emc | 2.7 |
| 2013-12-28 | CVE-2013-6181 | Cryptographic Issues vulnerability in EMC Watch4Net 6.0/6.1/6.2 EMC Watch4Net before 6.3 stores cleartext polled-device passwords in the installation repository, which allows local users to obtain sensitive information by leveraging repository privileges. | 2.1 |
| 2013-11-21 | CVE-2013-6177 | Path Traversal vulnerability in EMC Document Sciences Xpression 4.1/4.2/4.5 Directory traversal vulnerability in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allows remote authenticated users to read arbitrary files by leveraging xDashboard access. | 3.5 |
| 2013-11-02 | CVE-2013-3285 | Cryptographic Issues vulnerability in EMC Networker The NetWorker Management Console (NMC) in EMC NetWorker 8.0.x before 8.0.2.3, when using Active Directory/LDAP for authentication, allows remote authenticated users to discover cleartext administrator passwords via (1) unspecified NMC audit reports or (2) requests to RAP resources. | 3.5 |
| 2013-07-08 | CVE-2013-3272 | Credentials Management vulnerability in EMC Replication Manager EMC Replication Manager (RM) before 5.4.4 places encoded passwords in application log files, which makes it easier for local users to obtain sensitive information by reading a file and conducting an unspecified decoding attack. | 2.1 |
| 2013-07-08 | CVE-2013-3273 | Credentials Management vulnerability in multiple products EMC RSA Authentication Manager 8.0 before P2 and 7.1 before SP4 P26, as used in Appliance 3.0, does not omit the cleartext administrative password from trace logging in custom SDK applications, which allows local users to obtain sensitive information by reading the trace log file. | 2.1 |
| 2013-05-03 | CVE-2013-0944 | Information Exposure vulnerability in EMC Avamar The web-based file-restore interface in EMC Avamar Server before 6.1.0 allows remote authenticated users to read arbitrary files via a crafted URL. | 3.5 |
| 2012-11-27 | CVE-2012-4615 | Cryptographic Issues vulnerability in EMC IT Operations Intelligence 9.0 EMC Smarts Network Configuration Manager (NCM) before 9.1 uses a hardcoded encryption key for the storage of credentials, which allows local users to obtain sensitive information via unspecified vectors. | 2.1 |