Vulnerabilities > EMC > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-03-08 CVE-2018-1220 Open Redirect vulnerability in EMC RSA Archer
EMC RSA Archer, versions prior to 6.2.0.8, contains a redirect vulnerability in the QuickLinks feature.
network
emc CWE-601
5.8
5.8
2018-03-08 CVE-2018-1219 Unspecified vulnerability in EMC RSA Archer
EMC RSA Archer, versions prior to 6.2.0.8, contains an improper access control vulnerability on an API which is used to enumerate user information.
network
low complexity
emc
4.0
4.0
2018-01-25 CVE-2017-15546 SQL Injection vulnerability in EMC RSA Authentication Manager
The Security Console in EMC RSA Authentication Manager 8.2 SP1 P6 and earlier is affected by a blind SQL injection vulnerability.
network
low complexity
emc CWE-89
4.0
4.0
2017-12-20 CVE-2017-14387 Unspecified vulnerability in EMC Isilon Onefs
The NFS service in EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, and 8.0.0.0 - 8.0.0.4 maintains default NFS export settings (including the NFS export security flavor for authentication) that can be leveraged by current and future NFS exports.
network
low complexity
emc
6.4
6.4
2017-12-20 CVE-2017-14385 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in EMC Data Domain and Data Domain OS
An issue was discovered in EMC Data Domain DD OS 5.7 family, versions prior to 5.7.5.6; EMC Data Domain DD OS 6.0 family, versions prior to 6.0.2.9; EMC Data Domain DD OS 6.1 family, versions prior to 6.1.0.21; EMC Data Domain Virtual Edition 2.0 family, all versions; EMC Data Domain Virtual Edition 3.0 family, versions prior to 3.0 SP2 Update 1; and EMC Data Domain Virtual Edition 3.1 family, versions prior to 3.1 Update 2.
network
low complexity
emc CWE-119
5.0
5.0
2017-11-28 CVE-2017-8019 Improper Input Validation vulnerability in EMC Scaleio
An issue was discovered in EMC ScaleIO 2.0.1.x.
network
low complexity
emc CWE-20
5.0
5.0
2017-10-31 CVE-2017-14373 Cross-site Scripting vulnerability in EMC RSA Authentication Manager 8.1/8.2
EMC RSA Authentication Manager 8.2 SP1 P4 and earlier contains a reflected cross-site scripting vulnerability that could potentially be exploited by malicious users to compromise the affected system.
network
emc CWE-79
4.3
4.3
2017-10-18 CVE-2017-8022 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in EMC Networker
An issue was discovered in EMC NetWorker (prior to 8.2.4.9, all supported 9.0.x versions, prior to 9.1.1.3, prior to 9.2.0.4).
network
emc CWE-119
6.8
6.8
2017-10-18 CVE-2017-8024 Cross-site Scripting vulnerability in EMC Isilon Onefs
EMC Isilon OneFS (versions prior to 8.1.0.1, versions prior to 8.0.1.2, versions prior to 8.0.0.6, version 7.2.1.x) is impacted by a reflected cross-site scripting vulnerability that may potentially be exploited by malicious users to compromise the affected system.
network
emc CWE-79
4.3
4.3
2017-10-11 CVE-2017-8025 Improper Input Validation vulnerability in EMC Archer GRC Platform
RSA Archer GRC Platform prior to 6.2.0.5 is affected by an arbitrary file upload vulnerability.
network
emc CWE-20
6.8
6.8